GAO’s reports and testimonies give Congress, federal agencies, and the public timely, fact-based, non-partisan information that can improve government operations and save taxpayers billions of dollars.
What GAO Found Beginning as early as January 2019, a threat actor breached the computing networks at SolarWinds—a Texas-based network management software company, according to the company's Chief Executive Officer.
What GAO Found Based on GAO's preliminary results, in fiscal year 2020, the effectiveness of federal agencies' implementation of requirements set by the Federal Information Security Modernization Act of 2014 (FISMA) varied.
What GAO Found As GAO reported in September 2019, the Federal Communications Commission (FCC) bolstered the capacity and performance of the Electronic Comment Filing System (ECFS) to reduce the risk of future service disruptions.
What GAO Found In working to implement three selected government-wide reforms that GAO reviewed, the Office of Management and Budget (OMB) and lead agencies followed some, but not all, of the key practices associated with effective reforms.
What GAO Found The Department of Defense (DOD) has not fully implemented three of its key initiatives and practices aimed at improving cyber hygiene. Carnegie-Mellon University defines cyber hygiene as a set of practices for managing the most common and pervasive cybersecurity risks.
What GAO Found Under the Federal Information Security Modernization Act of 2014 (FISMA 2014), the agency chief information security officer (CISO) has the responsibility to ensure that the agency is meeting the requirements of the law, including developing, documenting, and implementing the agency-wide...