Skip to main content

Information Management

Jump To:

Recent Reports

View More Reports

Open Recommendations

Freedom of Information Act: National Guard Bureau Should Verify Data and Address Reported Challenges
GAO-26-108472
Jun 11, 2026
Show
6 Open Recommendations
Agency Affected Recommendation Status
Department of Defense The Secretary of Defense should ensure the Chief of the National Guard Bureau, in coordination with the Department of the Army and the Department of the Air Force, develops a process for relevant FOIA offices to more closely examine and verify National Guard FOIA data, such as FOIA requests received, processed, and backlogged. (Recommendation 1)
Open
When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
Department of Defense The Secretary of Defense should ensure the Chief of the National Guard Bureau analyzes NGB headquarters' FOIA workforce needs using verified FOIA data and determine the staffing level needed to timely process FOIA requests and address backlogs, if present. (Recommendation 2)
Open
When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
Department of Defense The Secretary of Defense should ensure that the Chief of the National Guard Bureau finalize and implement a plan, including a timeline, to establish a shared online environment to improve communication between National Guard Bureau and National Guard FOIA officials in the field includes available tools and resources applicable to processing FOIA requests, and that these tools and resources are made available to National Guard FOIA personnel. (Recommendation 3)
Open
When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
Department of Defense The Secretary of Defense should ensure that the DOD Chief FOIA Officer and the Chief of the National Guard Bureau, in collaboration with the Department of the Army and the Department of the Air Force, clarify the roles and responsibilities of each component in developing and standardizing training to Army National Guard FOIA managers and Air National Guard FOIA monitors. (Recommendation 4)
Open
When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
Department of Defense The Secretary of Defense should ensure that the Chief of the National Guard Bureau, in collaboration with the Department of the Army and the Department of the Air Force, clarifies roles and responsibilities of each component in providing training for FOIA managers and monitors. (Recommendation 5)
Open
When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
Department of Defense The Secretary of Defense should ensure the Chief of the National Guard Bureau finalizes and distributes to National Guard FOIA officials a FOIA program manual for National Guard Bureau FOIA policies and processes, such as guidance on exemptions and redactions. (Recommendation 6)
Open
When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

Oil and Gas: Actions Needed to Improve Data Sharing at Interior
GAO-26-106475
Feb 20, 2026
Show
2 Open Recommendations
1 Priority
Agency Affected Recommendation Status
Department of the Interior
Priority Rec.
The Secretary of the Interior should develop a department-wide performance management strategy with measurable goals and time frames to improve data sharing across oil and gas bureaus, including retirement of manual processes and the ability to electronically accept key data for oversight of oil and gas development. (Recommendation 1)
Open
In commenting on this report, Interior stated that it agreed with this recommendation. When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
Department of the Interior The Secretary of the Interior should ensure that bureau officials adhere to Interior policy to formally document data-sharing agreements. (Recommendation 2)
Open
In commenting on this report, Interior stated that it agreed with this recommendation. When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

Artificial Intelligence: DOD Needs Department-Wide Guidance to Inform Acquisitions
GAO-23-105850
Jun 29, 2023
Show
3 Open Recommendations
Agency Affected Recommendation Status
Department of Defense The Secretary of Defense should ensure that the Chief Digital and AI Officer, in conjunction with other DOD acquisition policy offices as appropriate, prioritize establishing department-wide AI acquisition guidance, including leveraging key private company factors, as appropriate. (Recommendation 1)
Open – Partially Addressed
DOD agreed with this recommendation. To address it, the Chief Digital and AI Officer (CDAO) has taken and is planning to take several actions. For example, in November 2023, CDAO developed the DOD Data, Analytics, and AI Adoption Strategy, which includes guidance for DOD components on adopting and scaling AI capabilities. As of May 2025, DOD reported that CDAO has drafted a decision aid framework appendix to the strategy that is going through internal review. Additionally, in December 2024, DOD issued a federated AI construct implementation plan that introduces the management and performance assessment approach CDAO will employ across the department. DOD is also planning to pursue an iterative approach to identifying best practices for acquisition of data, analytics, and AI, including forthcoming information on DOD access to AI training data, guidelines for generative AI, a steering group on acquisition and contracting practices for business models, and establishing a contracting vehicle for acquiring enterprise solutions. These planned activities have the potential to address the recommendation. We will continue to assess DOD's efforts as it implements its plans.
Department of the Army After DOD issues department-wide AI acquisition guidance, the Secretary of the Army should establish service-specific AI acquisition guidance that includes oversight processes and clear goals for these acquisitions, and leverages key private company factors, as appropriate. (Recommendation 2)
Open
The Army agreed with this recommendation. As of Fall 2023, it noted that it expects to update the AI and Autonomy Roadmap after CDAO publishes its AI strategy. The Army is also delivering a Unified Data Reference Architecture to guide the implementation of interoperable data sharing across all Army acquisition programs. As of March 2025, the Army has not provided further information on its timeline for implementing this recommendation.
Department of the Navy After DOD issues department-wide AI acquisition guidance, the Secretary of the Navy should establish service-specific AI acquisition guidance that includes oversight processes and clear goals for these acquisitions, and leverages key private company factors, as appropriate. (Recommendation 3)
Open
The Navy agreed with this recommendation. As of February 2025, it noted that it expects to update AI acquisition guidance issued by the Secretary of the Navy where applicable within 90 days after CDAO issues its AI strategy. The Navy also reported in February 2025 that while it is waiting on the DOD AI guidance, several Systems Commands are starting to draft policy.
Department of the Air Force After DOD issues department-wide AI acquisition guidance, the Secretary of the Air Force should establish service-specific AI acquisition guidance that includes oversight processes and clear goals for these acquisitions, and leverages key private company factors, as appropriate. (Recommendation 4)
Open
The Air Force agreed with this recommendation. In November 2024, Air Force Officials told us they expect to address this recommendation by January 2026 by establishing Air Force-specific AI acquisition guidance after CDAO issues its AI strategy. We will continue to follow-up on the Air Force's plans to issue its AI acquisition guidance.

Information Management: Agencies Need to Streamline Electronic Services
GAO-23-105562
Dec 20, 2022
Show
11 Open Recommendations
Agency Affected Recommendation Status
Office of Management and Budget The Director of the Office of Management and Budget should take steps to promote, through mechanisms such as the Federal Privacy Council and Chief Information Officers Council, sharing of information and lessons learned to help agencies implement the requirements of the CASES Act; this could include SEC sharing information on overcoming challenges and identifying lessons learned. (Recommendation 1)
Open
As of March 2024, OMB has not yet provided information pertaining to planned actions for this recommendation. Once the agency states that it has taken action, we plan to verify whether implementation has occurred.
Department of Defense The Secretary of Defense should establish a reasonable time frame for when the Department of Defense will be able to accept remote identity proofing with authentication, digitally accept access and consent forms from individuals who were properly identity proofed and authenticated, and post access and consent forms on the department's privacy program website. (Recommendation 2)
Open
As of March 2024, DOD has not yet provided information pertaining to planned actions for this recommendation. Once the agency states that it has taken action, we plan to verify whether implementation has occurred.
Department of Health and Human Services The Secretary of Health and Human Services should establish a reasonable time frame for when the Department of Health and Human Services will be able to digitally accept access and consent forms from individuals who were properly identity proofed and authenticated and post access and consent forms on the department's privacy program website. (Recommendation 3)
Open
As of March 2024, HHS reported that it receives approximately 15,000 first-party request per year, 90% of which are received by the Centers for Medicare and Medicaid Services (CMS). In addition, the department noted that CMS added functionality to an existing electronic processing platform in September 2022 to allow users to choose between Login.gov and ID.me for digital proofing. The electronic processing platform is expected to permit CMS to accept remote identity proofing and authentication from individuals requesting access to their records. HHS also described its ongoing efforts towards being fully compliant with the CASES ACT and the Office of Management and Budget implementation guidance (M-21-04), but the department has not yet established a time frame for completion.
Department of the Interior The Secretary of Interior should establish a reasonable time frame for when the Department of the Interior will be able to accept remote identity proofing with authentication, digitally accept access and consent forms from individuals who were properly identity proofed and authenticated, and post access and consent forms on the department's privacy program website. (Recommendation 4)
Open
As of March 2024, DOI has not yet provided information pertaining to planned actions for this recommendation. Once the agency states that it has taken action, we plan to verify whether implementation has occurred.
Department of Justice The Attorney General should establish a reasonable time frame for when the Department of Justice will be able to accept remote identity proofing with authentication, digitally accept access and consent forms from individuals who were properly identity proofed and authenticated, and post access and consent forms on the department's privacy program website. (Recommendation 5)
Open
As of March 2024, Justice noted that any solution to implement remote identity proofing with authentication consistent with the CASES ACT and the Office of Management and Budget implementation guidance (M-21-04) must meet NIST's technical standard known as "Identity Assurance Level 2" (IAL2). In addition, the Department stated that they had been exploring acquiring the remote identity proofing services known as Login.gov offered by the General Services Administration (GSA), as a means of complying with the requirements of the CASES Act and M-21-04. Further, Justice stated the concerns identified in the GSA Inspector General report have contributed to challenges that the Department has faced in finding a solution to facilitate CASES Act compliance.
Department of Transportation The Secretary of Transportation should establish a reasonable time frame for when the Department of Transportation will be able to accept remote identity proofing with authentication, digitally accept access and consent forms from individuals who were properly identity proofed and authenticated, and post access and consent forms on the department's privacy program website. (Recommendation 6)
Open
As of March 2024, DOT has not yet provided information pertaining to planned actions for this recommendation. Once the agency states that it has taken action, we plan to verify whether implementation has occurred.
View More Recommendations

Related Pages

GAO Contacts

Multimedia

Podcasts

Combating Deepfakes
Transcript
Department of Defense Efforts to Acquire Artificial Intelligence
Transcript
Real-Time Information Would Have Improved Federal Response to COVID-19
Transcript