GAO’s recommendations database contains report recommendations that still need to be addressed.
GAO’s priority recommendations are those that we believe warrant priority attention.
We sent letters to the heads of key departments and agencies, urging them to continue focusing on these issues.
Below you can search only priority recommendations, or search all recommendations.
Our recommendations help congressional and agency leaders prepare for appropriations and oversight activities, as well as help improve government operations.
Moreover, when implemented, some of our priority recommendations can save large amounts of money, help Congress make decisions on major issues, and substantially improve or transform major government programs or agencies, among other benefits.
As of February 9, 2020, there are 4958 open recommendations, of which 422 are priority recommendations. Recommendations remain open until they are designated as Closed-implemented or Closed-not implemented.
Browse or Search Open Recommendations
Have a Question about a Recommendation?
For questions about a specific recommendation, contact the person or office listed with the recommendation.
For general information about recommendations, contact GAO's Audit Policy and Quality Assurance office at (202) 512-6100 or firstname.lastname@example.org.
Recommendation: To effectively manage its information security program, the Chairman of the SEC should maintain up-to-date network diagrams and asset inventories in the system security plans for General Support System and a key financial system to accurately and completely reflect the current operating environment.
Agency: United States Securities and Exchange Commission Status: Open Priority recommendation
Comments: SEC agreed with this recommendation and has taken initial steps to implement it. Specifically, the agency made progress both in updating its systems security plans with network diagrams and in creating a hardware asset inventory. However, SEC has not updated the network diagrams and asset inventories in all of the key security plans to reflect recent changes to system components. We will continue to evaluate SEC's progress in implementing this recommendation.