GAO’s reports and testimonies give Congress, federal agencies, and the public timely, fact-based, non-partisan information that can improve government operations and save taxpayers billions of dollars.
In 2018, the administration released its government-wide reform plan aimed at making the federal government more efficient and effective. The Office of Management and Budget oversees the proposals with support from other lead agencies.
Q: How does the government help keep banks, water systems, and other critical infrastructure from getting hacked?
A: A federal agency that issues standards and procedures—NIST—has a cybersecurity framework that critical infrastructure organizations can adopt.
Federal agencies are increasingly using cloud computing services. Cloud computing offers benefits but also poses cybersecurity risks. OMB requires agencies to use the Federal Risk and Authorization Management Program to authorize their use of cloud services.
What GAO Found Most of the 16 critical infrastructure sectors took action to facilitate adoption of the National Institute of Standards and Technology's (NIST) Framework for Improving Critical Infrastructure Cybersecurity by entities within their sectors.
Since 2001, the National Archives and Records Administration (NARA) has been working to develop the policies and plans to build the Electronic Records Archives (ERA), a major information system that is intended to preserve and provide access to massive volumes of all types and formats of electronic records....
GAO reviewed efforts by the Interagency Security Committee (ISC) to protect critical federal infrastructure since the committee was created in 1995. ISC is chaired by the General Services Administration (GSA) and comprises 14 department-level agencies and other executive agencies and officials.