Recommendation: The Secretary of Defense should ensure that the Director of DSCA takes steps to work with Defense Finance and Accounting Service (DFAS)--DSCA's financial service provider--and other DOD components, as appropriate, to improve the reliability of the data the DSCA obtains on all DOD components' use of FMS administrative funds, including actual execution data, at an appropriate level of detail, such as by object class. (Recommendation 1)

Agency: Department of Defense
Status: Open
Priority recommendation

Comments: In February and May 2019, DSCA informed us that it had taken some steps to implement this recommendation, including establishing an automatic interface with certain DOD components' accounting systems to provide DSCA with daily information and data on those components' actual spending of FMS administrative funds. DSCA noted that it is working toward establishing automatic interfaces for the other components that receive these funds. In October 2019, DSCA informed us that implementation is ongoing. As of August 2020, we continue to monitor DOD's ongoing actions to implement this recommendation .

Recommendation: The Secretary of Defense should ensure that the Director of DSCA works with DFAS to conduct regular reconciliations of the data that DSCA collects on DOD components' use of administrative funds, to help ensure that the data are reliable. (Recommendation 2)

Agency: Department of Defense
Status: Open

Comments: In May 2019, DSCA noted that it is undertaking an initiative to incorporate reconciliation capabilities into its oversight of components' use of FMS administrative funds. In October 2019, DSCA informed us that efforts to implement this recommendation are ongoing. As of August 2020, we continue to monitor DOD's actions to implement this recommendation .

Recommendation: The Director of DSCA should follow its requirement to conduct at least two annual reviews of military department business processes for administrative funds. (Recommendation 3)

Agency: Department of Defense: Defense Security Cooperation Agency
Status: Open

Comments: In October 2019, DSCA informed us that it had conducted two business process reviews for military departments in 2019. As of August 2020, we continue to monitor DSCA's ongoing actions to implement this recommendation.

Recommendation: The Director of DSCA should conduct periodic (e.g., annual or biennial) reviews of other DOD components' (e.g., other than military departments) business processes for administrative funds, based on a risk-based approach. Such an approach could include consideration of whether an entity has received a prior review or representative sampling over time, as well as consideration of factors such as the results of prior audits or other identified risks. (Recommendation 4)

Agency: Department of Defense: Defense Security Cooperation Agency
Status: Open

Comments: In October 2019, DSCA informed us that it planned to conduct one review for another DOD component (e.g., other than a military department) in fall 2019. In January 2019, it collaborated with other DOD components that receive FMS administrative funds to develop risk-based criteria for selecting components for periodic business process reviews . DSCA also provided updated policies and procedures for these reviews, which state that DSCA will conduct at least one review for another DOD component annually. As of August 2020, we continue to monitor DSCA's ongoing actions to implement this recommendation.

Recommendation: The Director of DSCA should create and maintain a complete list of military department organizations or offices that receive administrative funds and are subject to DSCA's business process reviews. (Recommendation 5)

Agency: Department of Defense: Defense Security Cooperation Agency
Status: Open

Comments: In May 2019, DSCA provided supporting documentation to show that, as part of its annual budget review cycle, it had required DOD components to provide a list of sub-components/organizations that receive FMS administrative funds. In October 2019, DSCA provided a list of sub-components/organizations that DSCA obtained as part of the 2019 annual budget cycle. As of August 2020, we continue to monitor DSCA's actions to implement this recommendation.

Recommendation: The Director of DSCA should update DSCA's policy for selecting military department organizations for reviews of their business processes for administrative funds, to better ensure that it reflects a risk-based approach. (Recommendation 6)

Agency: Department of Defense: Defense Security Cooperation Agency
Status: Open

Comments: In May 2019, DSCA provided updated standard operating procedures for selecting military department organizations for reviews of their business processes for administrative funds. As of August 2020, we are reviewing the documentation provided and following up with DSCA to determine the extent to which the new procedures reflect a risk-based approach.

Recommendation: The Director of DSCA should clarify guidance to ensure that the DSCA officials conducting reviews of business processes for administrative funds periodically track action items until they are completed. (Recommendation 7)

Agency: Department of Defense: Defense Security Cooperation Agency
Status: Open

Comments: In February 2019, DSCA noted that it had updated its policies and procedures to reflect that it will track action items from business process reviews every 30 days, until the action items area completed. DSCA needs to providing supporting documentation for its efforts to track action items. As of August 2020, we continue to monitor DSCA's ongoing actions to implement this recommendation .

Recommendation: The Director of DSCA should develop a process for conducting periodic (e.g., quarterly or annual), targeted reviews of DOD components' use of administrative funds, including transactions testing, to verify that actual costs incurred are allowable and approved. (Recommendation 8)

Agency: Department of Defense: Defense Security Cooperation Agency
Status: Open

Comments: In February 2019, DSCA noted that it was in the process of conducting "mock" audits of DOD components' use of FMS administrative funds, and that it was undergoing efforts to ensure that a process is in place for the financial review of components' actual spending of these funds. DSCA noted that these efforts were ongoing in October 2019. As of August 2020, we continue to monitor DSCA's ongoing efforts to implement this recommendation.

Recommendation: The Secretary of Defense should ensure that the Director of DSCA takes steps to work with DFAS and other DOD components, as appropriate, to improve the reliability of the data that DSCA obtains on all DOD components' use of CAS funds, including actual execution data, at an appropriate level of detail, such as by object class. (Recommendation 9)

Agency: Department of Defense
Status: Open
Priority recommendation

Comments: In February and May 2019, DSCA informed us that it had taken some steps to implement this recommendation, including establishing an automatic interface with certain DOD components' accounting systems to provide DSCA with daily information and data on those components' actual spending of FMS CAS funds. DSCA noted that it is working toward establishing automatic interfaces for the other components that receive these funds. In October 2019, DSCA informed us that implementation is ongoing. As of August 2020, we continue to monitor DOD's ongoing actions to implement this recommendation.

Recommendation: The Secretary of Defense should ensure that the Director of DSCA works with DFAS to conduct regular reconciliations of the data that DSCA collects on DOD components' use of CAS funds, to help ensure that the data are reliable. (Recommendation 10)

Agency: Department of Defense
Status: Open

Comments: In May 2019, DSCA noted that it is undertaking an initiative to incorporate reconciliation capabilities into its oversight of components' use of FMS CAS funds. In October 2019, DSCA informed us that efforts to implement this recommendation are ongoing. As of August 2020, we continue to monitor DOD's actions to implement this recommendation

Recommendation: The Director of DSCA should develop a process for conducting periodic (e.g., quarterly or annual), targeted reviews of DOD components' use of CAS funds, including transactions testing, to verify that actual costs incurred are allowable and approved. (Recommendation 11)

Agency: Department of Defense: Defense Security Cooperation Agency
Status: Open

Comments: In February 2019, DSCA noted that it was in the process of conducting "mock" audits of DOD components' use of FMS CAS funds, and that it was undergoing efforts to ensure that a process is in place for the financial review of components' actual spending of these funds. As of October 2019, DSCA noted that these efforts were ongoing. As of August 2020, we continue to monitor DSCA's ongoing efforts to implement this recommendation.

Recommendation: To enhance management attention to closing out contracts, the Secretary of Health and Human Services should develop a means for department-wide oversight into components' progress in meeting their goals on closing contracts and the status of contracts eligible for closeout. (Recommendation 2)

Agency: Department of Health and Human Services
Status: Open

Comments: The Department of Health and Human Services agreed with the recommendation and has developed a template and instructions for quarterly reporting from its divisions. The Department identified some performance measures that it will monitor on a quarterly basis, such as contracts closed on time and total backlog. Due to competing priorities and focus on the COVID-19 response, the Department plans to provide additional steps toward progress at the next reporting cycle.

Recommendation: To enhance management attention to closing out contracts, the Attorney General should direct the Senior Procurement Executive to ensure the development of a means to track data on the number and type of contracts eligible for closeout and where the contracts are in the closeout process, as well as a means to assess--at the agency or component level--progress by establishing goals and performance measures for closing contracts. (Recommendation 4)

Agency: Department of Justice
Status: Open

Comments: The Department of Justice agreed with the recommendation and in early fiscal year 2020 enhanced its financial management system to allow the Bureaus to assess whether a contract needs to be closed out. The Department anticipates that the associated guidance, which includes performance measures, will be issued in late summer 2020.

Recommendation: To enhance management attention to closing out contracts, the Secretary of State should develop a means at the agency level to track data on the entirety of the number and type of contracts eligible for closeout, where the contracts are in the closeout process, and establish goals and performance measures for closing contracts. (Recommendation 5)

Agency: Department of State
Status: Open

Comments: The Department of State agreed with the recommendation and is upgrading its system to improve data quality and enable the tracking and sharing of contract closeout information. The enhancements to the contracting system would allow the Department to establish a baseline and develop metrics to measure progress on closing contracts. The Department anticipates that the upgrades and data utilization will continue into fiscal year 2021.

Recommendation: To help foster strategic decision making and improvements in the acquisition of services, the Under Secretary of Defense for Acquisition, Technology, and Logistics should, as part of its effort to update the January 2016 instruction, reassess the roles, responsibilities, authorities, and organizational placement of key leadership positions, including functional domain experts, senior services managers, and component level leads.

Agency: Department of Defense: Office of the Secretary of Defense: Office of the Under Secretary of Defense for Acquisition, Technology, and Logistics
Status: Open
Priority recommendation

Comments: DOD concurred with the recommendation. In July 2018, DOD officials told us that they planned to fully implement this recommendation in the revised instruction once it was issued. In January 2020, DOD issued an updated instruction that, among other things, revised elements of the management structure. We plan to begin work later in 2020 that will assess whether the changes reflected in the January 2020 instruction address the issues we identified.

Recommendation: To help foster strategic decision making and improvements in the acquisition of services, the Under Secretary of Defense for Acquisition, Technology, and Logistics should, as part of its effort to update the January 2016 instruction, clarify the purpose and timing of the Services Requirements Review Board process to better align it with DOD's programming and budgeting processes.

Agency: Department of Defense: Office of the Secretary of Defense: Office of the Under Secretary of Defense for Acquisition, Technology, and Logistics
Status: Open
Priority recommendation

Comments: DOD concurred with the recommendation. In July 2018, DOD officials told us that they planned to fully implement this recommendation in the revised instruction once it was issued. In January 2020, DOD issued an updated instruction that, among other things, revised elements of the Services Requirements Review Board process. We plan to begin work later in 2020 that will assess whether the changes reflected in the January 2020 instruction address the issues we identified.

Recommendation: The Under Secretary of Defense for Acquisition, Technology and Logistics should identify the specific types of information that would best meet the department's needs and, based on that determination, collect and analyze relevant data after contract performance is sufficiently complete to determine the extent to which contracts with incentives achieved their desired outcomes.

Agency: Department of Defense: Office of the Secretary of Defense: Office of the Under Secretary of Defense for Acquisition, Technology, and Logistics
Status: Open

Comments: DOD concurred with our recommendation and has taken steps to address it. For example, in April 2018, the department developed a template for the military departments to use to identify specific types of information to collect. Since then, each of the military departments has initiated or planned to initiate efforts to collect and analyze information about outcomes of incentive contracts. In addition, in July 2020 DOD provided examples of selected DOD, Army, and Navy incentive contracts documented in the template previously noted. The department did not provide additional information about the Air Force's efforts, or about how DOD is analyzing the information to determine whether incentives can achieve desired outcomes. GAO has ongoing work to review DOD's use of fixed-price type contracts--including fixed-price incentive contracts--for major DOD systems, which may provide additional insights related to this recommendation.

Recommendation: To ensure that DHS effectively implements FITARA, the Secretary of Homeland Security should direct the Under Secretary for Management to direct the Chief Information Officer to establish time frames and implement a plan for (1) identifying the department's future IT skillset needs as a result of DHS's new delivery model, (2) conducting a skills gap analysis, and (3) resolving any skills gaps identified.

Agency: Department of Homeland Security
Status: Open

Comments: In 2018 and 2019, the DHS Office of the Chief Information Officer implemented a Strategic Workforce Planning initiative that included (1) identifying the department's future IT skillset needs, and (2) conducting a skills gap analysis related to these needs. The department is currently working to resolve the skills gaps identified during the initiative. We will continue to monitor and evaluate the Department's efforts to resolve these skills gaps.

Recommendation: To ensure that DHS effectively implements FITARA, the Secretary of Homeland Security should direct the Under Secretary for Management to update the department's acquisition policies and guidance to be consistent in identifying that the DHS CIO is to certify investments' incremental development activities.

Agency: Department of Homeland Security
Status: Open

Comments: In response to our recommendation, DHS updated its agile development policy to specify that the DHS CIO is responsible for certifying investments' incremental development activities, which is consistent with the Department's Acquisition Management Instruction. However, DHS has not yet updated its Systems Engineering Life Cycle Instruction and Guidebook to be consistent in specifying that this certification is the responsibility of the DHS CIO. We will continue to monitor the Department's progress in implementing this recommendation.

Recommendation: To ensure that DHS effectively implements FITARA, the Secretary of Homeland Security should direct the Under Secretary for Management to update DHS headquarters', Customs and Border Protection's, and U.S. Coast Guard's processes to track, for all contracts and agreements, the IT investment with which each is associated (as applicable).

Agency: Department of Homeland Security
Status: Open

Comments: In response to our recommendation, Customs and Border Protection implemented a process to track the IT investments associated with each contract and agreement. The U.S. Coast Guard also implemented a process to track the IT investments associated with its contracts; however, it has not yet demonstrated that it has implemented such a process for tracking the IT investments associated with its agreements. Further, DHS headquarters is still working to establish a process for tracking the IT investments associated with its contracts and agreements. We will continue to monitor and evaluate the Department's progress in implementing this recommendation.

Recommendation: To ensure that DHS effectively implements FITARA, the Secretary of Homeland Security should direct the Under Secretary for Management to update and implement the process DHS uses for assessing the risks of major IT investments to ensure that the CIO rating reported to the Dashboard fully reflects the CIO's assessment of each major IT investment.

Agency: Department of Homeland Security
Status: Open

Comments: DHS concurred with our recommendation. In May 2020, DHS officials stated that the Office of the CIO began piloting a new program health assessment process in the second quarter of fiscal year 2020, and DHS intends to report the program ratings resulting from that process to the IT Dashboard. We will continue to monitor and evaluate the Department's efforts to implement this new process.

Recommendation: To allow DOE management to effectively monitor invoice reviews and have assurance that this control activity is operating as intended, the Secretary of Energy should establish a DOE-wide invoice review policy that includes requirements for sites to establish well-documented invoice review operating procedures.

Agency: Department of Energy
Status: Open

Comments: In its comments on a draft of the report in March 2017, DOE concurred in principle with this recommendation, stating that it already had an established, detailed DOE-wide invoice review policy provided in DOE's Financial Management Handbook and in the DOE Acquisition Guide. In February 2020, DOE issued an update to its Financial Management Handbook that included additional procedures to address intra-governmental payment and collection transactions. However, neither the prior version of the Financial Management Handbook nor the additional information includes invoice review procedures. The Financial Management Handbook refers users to the DOE Acquisition Guide for procedures for invoice review. However, the Acquisition Guide states that it is intended to offer general guiding principles for approving officials to consider when reviewing and analyzing cost elements included in contract invoices--as opposed to detailed procedures for invoice review--and does not require sites to establish well-documented invoice review operating procedures, as we recommended.

Recommendation: To help DOE take a more strategic approach to managing improper payments and risk, including fraud risk, the Secretary of Energy should implement leading practices for managing the department's risk of fraud, including creating a structure with a dedicated entity within DOE to design and oversee fraud risk management activities.

Agency: Department of Energy
Status: Open
Priority recommendation

Comments: In its comments on a draft of the report in March 2017, DOE partially agreed with the recommendation. In its written comments on the report, DOE stated that it considered the recommendation to be closed without corrective action and that it would rely on the existing Office of Financial Policy and Internal Controls and on the DOE Office of Inspector General (OIG) to design and oversee financial fraud risk management activities. However, we disagree that relying in part on the OIG to design and oversee fraud risk management activities meets best practices because, according to GAO's Fraud Risk Framework, the dedicated entity should not include the OIG so that the OIG can maintain its independence. In May 2020, DOE officials said they were developing a fraud risk and data analytics framework. Among other steps, DOE expects to establish a new group in fiscal year 2020 that will oversee DOE's fraud risk management activities. We will continue to monitor DOE's progress in implementing this recommendation.

Recommendation: To help DOE take a more strategic approach to managing improper payments and risk, including fraud risk, the Secretary of Energy should implement leading practices for managing the department's risk of fraud, including conducting fraud risk assessments that are tailored to each program and use the assessments to develop a fraud risk profile

Agency: Department of Energy
Status: Open

Comments: In its comments on a draft of the report in March 2017, DOE concurred with the substance of the recommendation; however they considered the recommendation to be closed without corrective action because DOE believed that its risk assessments met the requirements of the Improper Payments Elimination and Recovery Improvement Act of 2012, as reported by the Office of Inspector General (OIG), and because it has implemented updates to OMB Circular A-123 that added requirements related to managing fraud risk and adherence to GAO's Fraud Risk Framework. However, we found that DOE has not conducted fraud risk assessments that were tailored to its programs and, therefore, do not allow the department to create a fraud risk profile. We also found that, although DOE updated its internal control assessment tools with a list of fraud risks as required by OMB Circular A-123, the list of risks were the same for all DOE sites and were not tailored to the sites' different programs. In May 2020, DOE officials said they were developing a fraud risk and data analytics framework. Among other steps, the framework is expected to include changes to DOE's process to develop its fraud risk profile, beginning in fiscal year 2020. We will continue to monitor DOE's progress in implementing this recommendation.

Recommendation: To help DOE take a more strategic approach to managing improper payments and risk, including fraud risk, the Secretary of Energy should implement leading practices for managing the department's risk of fraud, including developing and documenting an antifraud strategy that describes the programs' approaches for addressing the prioritized fraud risks identified during the fraud risk assessment.

Agency: Department of Energy
Status: Open

Comments: In its comments on the draft report in March 2017, DOE concurred with this recommendation but considered the recommendation closed without corrective action because DOE had implemented the updated OMB Circular A-123 and because DOE's antifraud strategy was embedded in the DOE internal control program. However, DOE officials told us that they had not developed or documented a DOE-wide antifraud strategy or directed individual programs to develop program-specific strategies. Furthermore, DOE's implementation of OMB Circular A-123 included adding a list of potential risks to their internal control assessment tool that were the same for all DOE sites and were not tailored to the sites' different programs. In May 2020, DOE officials said they were developing a fraud risk and data analytics framework. Among other steps, DOE is planning to develop an antifraud strategy in fiscal year 2021. We will continue to monitor DOE's progress in implementing this recommendation.

Recommendation: To help DOE take a more strategic approach to managing improper payments and risk, including fraud risk, the Secretary of Energy should implement leading practices for managing the department's risk of fraud, including designing and implementing specific control activities, including fraud awareness training and data analytics, to prevent and detect fraud and other improper payments.

Agency: Department of Energy
Status: Open

Comments: In its comments on the draft report in March 2017, DOE stated that it concurred in principle with the recommendation, but that it had implemented the recommendation. In May 2020, DOE officials said they were developing a fraud risk and data analytics framework. Among other steps, DOE is planning to begin in fiscal year 2022 to use data analytics across the agency to prevent fraud. We will continue to monitor DOE's progress in implementing this recommendation.

Recommendation: To help ensure that necessary data are available to employ data analytics as a tool to perform contractor cost-surveillance activities, the Secretary of Energy should require contractors to maintain sufficiently detailed transaction-level cost data that are reconcilable with amounts charged to the government, including (1) cost data that, at a minimum, represent a full data population and (2) the details necessary to determine the nature of each cost transaction, with such identifiers as transaction date, dollar amount, item or service description, and transaction codes to indicate the type of cost represented (e.g., construction materials, property lease, and office supplies).

Agency: Department of Energy
Status: Open

Comments: In its comments on the draft report in March 2017, DOE did not agree to implement this recommendation because officials believe that the recommendation establishes agency-specific requirements for DOE contractors that are more prescriptive than current federal requirements. In May 2020, DOE officials said they were developing a fraud risk and data analytics framework. Among other steps, DOE is planning to begin in fiscal year 2022 to use data analytics across the agency to prevent fraud. We will continue to monitor DOE's progress in implementing this recommendation.

Recommendation: In order to ensure that contracting officers have clear and effective policies as soon as possible, the Secretary of Veterans Affairs should direct the OAL to identify measures to expedite the revision of the Veterans Affairs Acquisition Regulation (VAAR), which has been ongoing for many years, and the issuance of the VA Acquisition Manual.

Agency: Department of Veterans Affairs
Status: Open
Priority recommendation

Comments: VA concurred with this recommendation and has made progress in finalizing the update to its acquisition regulations and manual. In August 2020, VA reported that 31 of the 41 parts in its new acquisition regulations had been issued as draft or final rules. The remainder are at an earlier stage of the rulemaking process. VA also stated that it remains on track to release the final VA Acquisition Regulations in April 2021.

Recommendation: To enable AFRICOM to comprehensively and consistently account for contractor personnel in Africa, the Secretary of Defense, in coordination with the Chairman of the Joint Chiefs of Staff, should direct Joint Staff to clarify what types of contractor personnel should be accounted for in its guidance on personnel status reports.

Agency: Department of Defense
Status: Open

Comments: DOD concurred with this recommendation. DOD has taken steps to clarify what types of contractor personnel should be accounted for in its guidance on personnel status reports, but, as of July 2019, revision of that guidance is ongoing. According to Joint Staff officials in May 2018, CJCSM 3150.13C provides policy and guidance on what types of contractor personnel to account for in personnel status reports, and the updated guidance will incorporate lessons learned from USAFRICOM's implementation of that policy. The updated CJCSM 3150.13C is projected to be completed by Summer 2018. Once issued, USAFRICOM officials stated they will incorporate their local policies and standards into the CJCSM 3150.13C, and expect that a coordinated directive on local policies, procedures and standards will mitigate many of the previous interpretation issues. However, additional training and amplifying local procedures issued by the USAFRICOM J-1 may be necessary to fully implement its provisions and ensure consistent interpretation. Additionally, in February 2016, a class deviation became effective for the USAFRICOM area of responsibility (AOR). This deviation superseded Class Deviations 2014-O0005, and 2015-O0003. The deviation stated that contracting officers shall incorporate clause 252.225-7980, Contractor Personnel Performing in the United States Africa Command Area of Responsibility, in lieu of the clause at DFARS 252.225-7040, Contractor Personnel Supporting U.S. Armed Forces Deployed Outside the United States, in all solicitations and contracts, including solicitations and contracts using FAR part 12 procedures for the acquisition of commercial items that will require contractor personnel to perform in the United States Africa Command (USAFRICOM) area of responsibility. In addition, to the extent practicable, contracting officers shall modify current, active contracts with performance in the USAFRICOM AOR to include the clause 252.225-7980. The USAFRICOM Commander has identified a need to utilize the Synchronized Pre-deployment and Operational Tracker for all contracts performed in the AOR during all operational phases (including Phase 0), not limited to declared contingency operations. However, until CJCSM 3150.13C clarifying the types of contractor personnel and incorporating lessons learned from AFRICOM's implementation is finalized, this recommendation will remain open. As of July 2020, this CJSM had not been updated. Moreover, in July 2020, DOD stated that reissuance of DOD Instruction 3020.41, Operational Contract Support, is required in order to implement this recommendation. When DOD takes further action, we will update this recommendation.

Recommendation: To ensure that combatant commands are not contracting with entities that may be connected to or supporting prohibited organizations, the Secretary of Defense, in coordination with the Chairman of the Joint Chiefs of Staff, should develop guidance that clarifies the conditions under which combatant commands should have a foreign vendor vetting process or cell in place to determine whether potential vendors actively support any terrorist, criminal, or other sanctioned organizations, including clarifying when combatant commands should develop procedures for transmitting the names of any vendors identified through this process for inclusion in prohibited entities lists in the appropriate federal contracting databases, such as the System for Award Management.

Agency: Department of Defense
Status: Open
Priority recommendation

Comments: DOD concurred with this recommendation. As of July 2019, DOD has taken steps to develop foreign vendor vetting guidance, but is still working to determine key components of that guidance. Office of the Deputy of the Secretary of Defense issued a directive type memorandum in April 2018 that establishes policy and assigns responsibility for developing vendor vetting guidance to the Under Secretary of Defense for Acquisition and Sustainment, the Under Secretary of Defense for Policy, the Under Secretary of Defense for Intelligence, and the Chairman of the Joint Chiefs of Staff. Additionally, DOD established a foreign vendor vetting working group in January 2017 to, among other things, develop guidance that will define foreign vendor vetting as a distinct function and provide combatant commanders with guidance on addressing the risks associated with relying on commercial vendors. As of November 2019, OSD officials stated the working group is making progress to develop a formal charter, identify tools and strategies to enhance vendor vetting across the combatant commands, and establish a department-wide vendor vetting policy. Until DOD develops vendor vetting guidance, this recommendation will remain open. As of July 2020, DOD had extended its directive type memorandum, but had not developed vendor vetting guidance. When we confirm what additional actions the agency has taken in response to this recommendation, we will provide updated information.

Recommendation: To help agencies decide whether to use ESPCs to consolidate federal data centers, the Director of the Office of Management and Budget should document, for the purposes of scoring ESPCs, (1) what qualifies as energy-related savings and (2) the allowable proportion of energy and energy-related cost savings.

Agency: Executive Office of the President: Office of Management and Budget
Status: Open

Comments: In July 2020, GAO requested information on the status of the recommendation. We will update the recommendation's status when information is received from OMB.

Recommendation: To enhance the usefulness of NNSA's future reports to Congress describing the costs and benefits of its competition of M&O contracts under the requirements contained in Section 3121 of the National Defense Authorization Act for fiscal year 2013, as amended, the NNSA Administrator should take steps to ensure that future reports reflect DOE's information quality guidelines, federal cost accounting standards, and GAO's best practices guidance relevant to the clear and complete presentation of information on each of the required topics. In particular, future reports should clearly and completely describe costs and benefits, including the agency's expectations, as well as the associated analysis, assumptions, information sources, and key limitations and uncertainties about costs and benefits described. The description of uncertainties should include key excluded or unspecified costs and benefits, such as those that are anticipated but not fully known at the time of report writing.

Agency: Department of Energy: National Nuclear Security Administration
Status: Open

Comments: NNSA believes it has met the requirements of the recommendation and considers it closed. In our March 2015 report--which examined NNSA's report on the contract to manage and operate the Pantex Plant and the Y-12 National Security Complex under a single management and operating (M&O) contract with Consolidated Nuclear Services (CNS)--we recommended that NNSA enhance the clarity and completeness of its future reports on the costs and benefits of M&O contract competitions. While NNSA demonstrated progress in implementing this recommendation in its September 2017, August 2018, and April 2019 reports to Congress on the costs and benefits of the contract competitions for the Sandia, Nevada, and Los Alamos sites respectively, NNSA did not provide clear and complete information on all required elements of these reports. Specifically, for the Sandia National Laboratories M&O contract, in our August 2018 report we found that NNSA addressed most but not all reporting requirements. For example, NNSA's report addressed all requirements pertaining to cost savings, other benefits, and disruptions or delays, but only partially addressed the reporting requirements on the limitations or uncertainties about cost savings and on the immediate costs of competition and over the life of the contract. NNSA issued a report in August 2018 on the costs and benefits of its competition of the M&O contract for the Nevada National Security Site. In our April 2019 report on NNSA's cost-benefit analysis of that contract competition, we found that, of the five required reporting elements, NNSA's report addressed one with detail but addressed the other four without detail. In April 2019 NNSA issued its cost-benefit analysis of the competition for the Los Alamos National Laboratory contract. In our January 2020 report on NNSA's cost-benefit report for that contract competition, we found that it addressed five reporting elements on costs and disruption during contract transition with detail, partially addressed two reporting elements on uncertainties and benefits, and did not address one reporting element on activities to be covered by the M&O contractor. Since our 2015 recommendation, NNSA's cost-benefit reports on M&O contract competitions have generally provided clearer and more complete information on most of the required reporting elements, but they have not provided clear and complete information on all required reporting elements. In June 2020, NNSA announced that it would end the current CNS contract for Pantex and Y-12 management and operations instead of awarding the contractor its final option term. This will result in a new contract competition and award by the end of the current contract's term on September 30, 2021. The NNSA report on the costs and benefits of that competition may give us another opportunity to assess the quality of NNSA's reports for clarity and completeness on the required reporting elements.

Recommendation: To help ensure contracting officers carry out the requirements of Section 802, the Secretary of Defense, Secretary of State, and Administrator of USAID should revise the processes and guidance governing management reviews of procurements to ensure that such reviews assess whether contracting officers are complying with the provisions of Section 802.

Agency: Department of Defense
Status: Open

Comments: DOD concurred with GAO's recommendation. Following a May 2015 Federal Acquisition Regulation update to reflect the requirements of Section 802 of the National Defense Authorization Act for Fiscal Year 2013, the Office of Defense Procurement and Acquisition Policy drafted supplementary information for an update of the agency's Procedures, Guidance, and Information (PGI) that was considered and rejected by Defense Acquisition Regulation Council. In July 2019, the Office of Defense Pricing and Contracting reported that new PGI guidance would be drafted that will require management reviews to consider compliance with Section 802 requirements included in the Federal Acquisition Regulation. As of August 2020, we have been unable to determine the status of this guidance.

Recommendation: To improve management and oversight of the WOSB program, and to help ensure the effective oversight of third-party certifiers, the Administrator of SBA should establish and implement comprehensive procedures to monitor and assess performance of certifiers in accord with the requirements of the third-party certifier agreement and program regulations.

Agency: Small Business Administration
Status: Open

Comments: In response to this recommendation, SBA has taken some actions. For example, SBA created a standard operating procedure stating that third-party certifiers are subject to a compliance review by SBA at any time, and SBA has completed a review of the four authorized third-party certifiers. We continue to monitor SBA actions to address this recommendation.

Recommendation: To improve management and oversight of the WOSB program, and to provide reasonable assurance that only eligible businesses obtain WOSB set-aside contracts, the Administrator of SBA should enhance examination of businesses that register to participate in the WOSB program, including actions such as: (1) promptly completing the development of procedures to conduct annual eligibility examinations and implementing such procedures; (2) analyzing examination results and individual businesses found to be ineligible to better understand the cause of the high rate of ineligibility in annual reviews, and determine what actions are needed to address the causes; and (3) implementing ongoing reviews of a sample of all businesses that have represented their eligibility to participate in the program.

Agency: Small Business Administration
Status: Open

Comments: In response to this recommendation, SBA has created a standard operating procedure that includes some procedures for annual eligibility examinations. We continue to monitor SBA actions to address this recommendation.

Recommendation: To help ensure that EM more effectively manages all its projects, the Secretary of Energy should direct the Senior Advisor for Environmental Management and the Director of the Office of Management, as appropriate, to provide the Office of Acquisition and Project Management with information on EM's project classification decisions to ensure that all capital asset projects have been appropriately classified and are managed in accordance with DOE Order 413.3B.

Agency: Department of Energy
Status: Open

Comments: DOE agreed with our recommendation. EM is working with DOE's Office of Project Management to draft a Cleanup Project Management Policy (expected to be completed in fall 2020) to address the Decommissioning and Deactivation phase of cleanup. This policy will become an appendix in DOE's Order 413.3B. EM officials further stated that EM plans to develop an additional Cleanup Program Management Policy that would classify the remaining types of activities not covered by the Cleanup Project Management Policy, including what EM currently classifies as operations activities. EM plans to implement this policy by the end of fiscal year 2020.