GAO’s reports and testimonies give Congress, federal agencies, and the public timely, fact-based, non-partisan information that can improve government operations and save taxpayers billions of dollars.
We make more than 1,000 recommendations annually to help improve government. We alert department heads to the recommendations that can save the most money, address issues on our High Risk List, or significantly improve their operations.
In fiscal year 2019, agencies across government made an estimated $175 billion in improper payments—payments that should not have been made or were made in the incorrect amount. But this total comes from individual agency estimates, which aren’t all reliable.
Q: How does the government help keep banks, water systems, and other critical infrastructure from getting hacked?
A: A federal agency that issues standards and procedures—NIST—has a cybersecurity framework that critical infrastructure organizations can adopt.
Federal agencies are increasingly using cloud computing services. Cloud computing offers benefits but also poses cybersecurity risks. OMB requires agencies to use the Federal Risk and Authorization Management Program to authorize their use of cloud services.
What GAO Found Most of the 16 critical infrastructure sectors took action to facilitate adoption of the National Institute of Standards and Technology's (NIST) Framework for Improving Critical Infrastructure Cybersecurity by entities within their sectors.
What GAO Found The federal government spent about 75 percent of the total amount budgeted for information technology (IT) for fiscal year 2015 on operations and maintenance (O&M) investments. Such spending has increased over the past 7 fiscal years, which has resulted in a $7.