GAO’s reports and testimonies give Congress, federal agencies, and the public timely, fact-based, non-partisan information that can improve government operations and save taxpayers billions of dollars.
We make more than 1,000 recommendations annually to help improve government. We alert department heads to the recommendations that can save the most money, address issues on our High Risk List, or significantly improve their operations.
Q: How does the government help keep banks, water systems, and other critical infrastructure from getting hacked?
A: A federal agency that issues standards and procedures—NIST—has a cybersecurity framework that critical infrastructure organizations can adopt.
Extreme weather related to climate change potentially threatens utilities that produce drinking water and treat wastewater.
We examined federal technical and financial assistance to make such infrastructure more resilient to extreme weather and asked experts about additional options.
Federal agencies are increasingly using cloud computing services. Cloud computing offers benefits but also poses cybersecurity risks. OMB requires agencies to use the Federal Risk and Authorization Management Program to authorize their use of cloud services.
Environmental justice seeks to address the disproportionately high health and environmental risks found among low-income and minority communities by seeking their fair treatment and involvement in environmental policy.
There were 14 separate billion-dollar weather and climate disaster events in the U.S. in 2018—with a total cost of at least $91 billion. These costs will likely rise as the climate changes, researchers say.
What GAO Found The five agencies GAO reviewed—the Environmental Protection Agency (EPA), Forest Service, General Services Administration (GSA), Department of Housing and Urban Development (HUD), and Internal Revenue Service (IRS)—generally do not have policies or processes for identifying unneeded...
What GAO Found Most of the 16 critical infrastructure sectors took action to facilitate adoption of the National Institute of Standards and Technology's (NIST) Framework for Improving Critical Infrastructure Cybersecurity by entities within their sectors.
What GAO FoundWhile the eight agencies GAO reviewedthe Departments of Agriculture, Commerce, Defense, Homeland Security, Justice, Labor, and Veterans Affairs, and the Environmental Protection Agencyvaried in the extent to which their cost-estimating policies and procedures addressed best practices,...