GAO’s reports and testimonies give Congress, federal agencies, and the public timely, fact-based, non-partisan information that can improve government operations and save taxpayers billions of dollars.
What GAO Found In working to implement three selected government-wide reforms that GAO reviewed, the Office of Management and Budget (OMB) and lead agencies followed some, but not all, of the key practices associated with effective reforms.
What GAO Found Most of the nine agencies with a lead role in protecting the 16 critical infrastructure sectors, as established by federal policy and referred to as sector-specific agencies (SSAs), have not developed methods to determine the level and type of adoption of the National Institute of Standards...
What GAO Found As required by the Federal Cybersecurity Workforce Assessment Act of 2015 (act), the Office of Personnel Management (OPM) developed a cybersecurity coding structure under the National Initiative for Cybersecurity Education (NICE) as well as procedures for assigning codes to federal civilian...
What GAO Found Most of the 16 critical infrastructure sectors took action to facilitate adoption of the National Institute of Standards and Technology's (NIST) Framework for Improving Critical Infrastructure Cybersecurity by entities within their sectors.
The Defense Logistics Agency's (DLA) mission is, in part, to provide food, fuel, medical supplies, clothing, spare parts for weapon systems, and construction materials to sustain military operations and combat readiness.
Radio frequency identification (RFID) is an automated data-capture technology that can be used to electronically identify, track, and store information contained on a tag that is attached to or embedded in an object, such as a product, case, or pallet.
To protect personnel, equipment, and assets, military commanders are required to apply a risk management approach to determine the likelihood that a threat will harm physical assets or individuals and to identify actions to reduce risk and mitigate the consequences of an attack.
Critical infrastructure protection (CIP) involves activities that enhance the security of the nation's cyber and physical public and private infrastructures that are essential to national security, economic activity, and public health and safety.
To better protect the nation's critical computer-dependent infrastructures from computer-based attacks and disruption, the President issued a directive in 1998 that established the National Infrastructure Protection Center as a national focal point for gathering information on threats and facilitating...