Recommendations Database

Jump To:

As of January 31, 2023, there are 4842 open recommendations that still need to be addressed. 473 of these are priority recommendations, those that we believe warrant priority attention. Learn more about our priority designation on our Recommendations page.

Search for open recommendations by agency, topic, subject, or keyword/phrase below, or view all open recommendations by agency.

Skip to main search results
Clear All Filters
1 - 12 of 12 Recommendations, including 3 Priority Recommendations

Federal Management: Selected Reforms Could Be Strengthened By Following Additional Planning, Communication, and Leadership Practices

Show
5 Open Recommendations
1 Priority
Agency Recommendation Status
Office of the Director The Director of OMB, working with DHS, should develop a government-wide implementation plan with goals, timelines, key milestones, and deliverables to track and communicate implementation progress of the reform proposal to solve the cybersecurity workforce shortage. (Recommendation 3)
Open

In June 2021, OMB informed us it had not yet developed a public implementation plan to address this recommendation. We reached out to OMB for an update in October 2022, and we are waiting for its response. We continue to believe that our recommendation is valid and will monitor the actions OMB may take to address the recommendation.

Office of the Director The Director of OMB, working with DHS, should provide additional information to describe how the projects and activities associated with the reform proposal to solve the cybersecurity workforce shortage will address our high-risk issues related to ensuring the cybersecurity of the nation. (Recommendation 4)
Open

In June 2021, OMB informed us that senior officials at OMB, including the former Deputy Director for Management, Federal Chief Information Officer, and Deputy Federal Chief Information Officer, had spoken publicly about how the projects and activities associated with the reform proposal would address high-risk issues pertaining to cybersecurity, especially with respect to our concern with cybersecurity capacity. While these public statements provide some information on how the reform will address cybersecurity capacity needs, more information is needed to demonstrate how the reform will ensure

Office of the Director
Priority Rec.
This is a priority recommendation.
The Director of OMB, working with DHS, should develop a government-wide workforce plan that assesses the effects of the reform proposal to solve the cybersecurity workforce shortage on the current and future federal workforce. (Recommendation 5)
Open

OMB did not comment on this recommendation. In April 2022, OMB relayed that it had placed efforts to implement this recommendation on hold because the National Cyber Director is planning to take the lead on cybersecurity workforce issues going forward. To fully implement this recommendation, OMB, working with DHS and the National Cyber Director, will need to develop a government-wide cybersecurity workforce plan to address the cybersecurity workforce shortage. Without this workforce plan, OMB will not be able to determine if the government is making progress, or when the government's

Office of the Director The Director of OMB, working with DHS, should develop a government-wide communications strategy to inform and, as appropriate, involve Congress, employees, and other stakeholders in implementation of the reform proposal to solve the cybersecurity workforce shortage. (Recommendation 1)
Open

In June 2021, OMB informed us it had not yet developed a public communications strategy to address this recommendation. We reached out to OMB for an update in October 2022, and we are waiting for its response. We continue to believe that our recommendation is valid and will monitor the actions OMB may take to address the recommendation.

Office of the Director The Director of OMB, working with DHS, should establish a dedicated government-wide leadership team with responsibility for implementing the reform proposal to solve the cybersecurity workforce shortage. (Recommendation 2)
Open

In June 2021, OMB informed us it had not established a dedicated government-wide leadership team for implementing the reform proposal to solve the cybersecurity workforce shortage. However, OMB informed us that it does provide support to government-wide efforts to address the cybersecurity workforce shortage. We reached out to OMB for an update in October 2022, and are waiting for its response. We continue to believe that our recommendation is valid and will monitor the actions OMB may take to address the recommendation.

Information Management: Selected Agencies Need to Fully Address Federal Electronic Recordkeeping Requirements

Show
5 Open Recommendations
1 Priority
Agency Recommendation Status
Office of the Director The Director of the Office of Management and Budget should ensure, in conjunction with the Executive Office of the President's Office of Administration, that existing policies and procedures incorporate the management of electronic records into its overall records management program. (Recommendation 22)
Open

The Office of Management and Budget did not state whether or not it concurred with this recommendation. As of March 2022, we had not received information pertaining to planned actions for this recommendation. Once the office states that it has taken action, we plan to verify whether implementation has occurred.

Office of the Director The Director of the Office of Management and Budget should establish a time frame to develop an inventory of electronic information systems used to store agency records that includes all of the required elements. (Recommendation 23)
Open

The Office of Management and Budget did not state whether or not it concurred with this recommendation. As of March 2022, we had not received information pertaining to planned actions for this recommendation. Once the office states that it has taken action, we plan to verify whether implementation has occurred.

Office of the Director
Priority Rec.
This is a priority recommendation.
The Director of the Office of Management and Budget should establish a time frame to update its policies and procedures to include all of the required electronic information system functionalities for recordkeeping systems. (Recommendation 24)
Open

The Office of Management and Budget concurred with our recommendation. In March 2022, in response to our recommendation, OMB noted that the Executive Office of the President's Office of Administration is responsible for records management for all Executive Office components and has procedures that incorporate the management of electronic records into their records management program. However, OMB did not provide a time frame or evidence that its policies and procedures were updated to include all of the required electronic information system functionalities for recordkeeping systems.

Office of the Director The Director of the Office of Management and Budget should establish a time frame to ensure, in conjunction with the Office of Administration, that policies and procedures include the (1) following records management controls required for electronic information systems: reliability, context, and structure and (2) required preservation mechanisms to ensure that records in its electronic recordkeeping system will be retrievable and useable. (Recommendation 25)
Open

The Office of Management and Budget did not state whether or not it concurred with this recommendation. As of March 2022, we had not received information pertaining to planned actions for this recommendation. Once the office states that it has taken action, we plan to verify whether implementation has occurred.

Office of the Director The Director of the Office of Management and Budget should ensure, in conjunction with the Office of Administration, that existing policies and procedures include the required retention and management requirements for email. (Recommendation 26)
Open

The Office of Management and Budget did not state whether or not it concurred with this recommendation. As of March 2022, we had not received information pertaining to planned actions for this recommendation. Once the office states that it has taken action, we plan to verify whether implementation has occurred.

Technology Modernization Fund: OMB and GSA Need to Improve Fee Collection and Clarify Cost Estimating Guidance for Awarded Projects

Show
1 Open Recommendations
Agency Recommendation Status
Office of the Director The Director of OMB should develop and implement a plan with GSA that outlines the actions needed to fully recover the TMF Program Management Office's operating expenses with administrative fee collection in a timely manner. (Recommendation 1)
Open

The Office of Management and Budget (OMB) has not yet fully addressed our recommendation. In January 2021, a copy of the Technology Modernization Fund's (TMF) fee rate memo for fiscal year 2020 was provided to address our recommendation. While our review of the rate memo found that language had been included to take into account scenarios where project changes might affect award funding and fee collection, the rate memo did not constitute a plan that outlined the actions needed to fully recover the TMF Program Management Office's operating expenses with fee collection, as we had recommended

Cloud Computing Security: Agencies Increased Their Use of the Federal Authorization Program, but Improved Oversight and Implementation Are Needed

Show
1 Open Recommendations
1 Priority
Agency Recommendation Status
Office of the Director
Priority Rec.
This is a priority recommendation.
The Director of OMB should establish a process for monitoring and holding agencies accountable for authorizing cloud services through FedRAMP. (Recommendation 1)
Open

In April 2022, OMB stated that it was coordinating with federal agencies and the General Services Administration's FedRAMP to improve administrative processes. Additionally, OMB stated it worked with GSA to establish a program designed to collaborate with federal agencies. In April 2022, an OMB official stated OMB issued guidance to require agencies to report which cloud services have been authorized for use at their agency. However, to fully implement this recommendation, OMB needs to provide evidence of holding agencies accountable for authorizing services through FedRAMP. We will update the

Have a Question about a Recommendation?

For questions about a specific recommendation, contact the person or office listed with the recommendation. For general information about recommendations, contact GAO's Audit Policy and Quality Assurance office at (202) 512-6100 or apqa@gao.gov.