Skip to main content

Information Technology

Jump To:

Recent Reports

View More Reports

Open Recommendations

IT Systems Annual Assessment: DOD Needs to Improve Performance Reporting and Cybersecurity Planning
GAO-25-107649
Jun 12, 2025
Show
1 Open Recommendations
Agency Affected Recommendation Status
Department of Defense The Secretary of Defense should direct the Chief Information Officer and Under Secretary of Defense for Acquisition and Sustainment to ensure that IT business programs identify and report results data on the minimum number of performance metrics in each category, as appropriate, as part of the department's submission to the Federal IT Dashboard. (Recommendation 1)
Open
When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

Information Technology: Government-Wide Guidance on Handling Data Could Improve Civil Rights and Civil Liberties Protections
GAO-25-106057
Nov 19, 2024
Show
1 Open Recommendations
Agency Affected Recommendation Status
Congress To assist federal agencies with consistently implementing civil rights and civil liberties protections when collecting, sharing, and using data, we suggest that Congress direct an appropriate federal entity to issue government-wide guidance or regulations addressing this matter. In its direction, Congress should consider delegating to such entity the explicit authority to make needed technical and policy choices or explicitly stating Congress's own choices.
Open
As of February 2025, legislative action has not yet occurred to address this matter.

IT Portfolio Management: OMB and Agencies Are Not Fully Addressing Selected Statutory Requirements
GAO-25-107041
Nov 14, 2024
Show
46 Open Recommendations
Agency Affected Recommendation Status
Office of Management and Budget The Director of OMB should update existing guidance or issue new guidance to agencies to implement a process to assist agencies in reviewing their IT portfolios that includes the requirements provided in FITARA. (Recommendation 1)
Open
When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
Office of Management and Budget The Director of OMB should develop standardized performance metrics for agencies to implement the IT portfolio review process, as prescribed by FITARA. (Recommendation 2)
Open
When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
Office of Management and Budget The Director of OMB should ensure that the Federal CIO carries out its role in annually reviewing each agency's IT portfolio that is conducted by each agency's CIO in conjunction with the Chief Operating Officer or Deputy Secretary (or equivalent) and the Federal CIO, as prescribed by FITARA. (Recommendation 3)
Open
OMB did not explicitly agree or disagree with this recommendation. It stated that it had adopted an alternative process to meet this requirement due to budget constraints and increased workload. Specifically, OMB stated that it had integrated IT portfolio reviews into the budget and reporting processes. However, as we discussed in the report, these interactions did not fully meet the statutory requirements. In October 2024, OMB stated that it would continue to assess potential adjustments to the annual IT portfolio review process and evaluate our recommendations on how to further strengthen these reviews. As of March 2025, OMB did not have an update on the status of this recommendation.
Office of Management and Budget The Director of OMB should direct the Federal CIO to submit a quarterly report to the FITARA-identified committees in Congress on the cost savings and reductions in duplicative IT investments identified through the IT portfolio review process, as prescribed by FITARA. (Recommendation 4)
Open
When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
Office of Management and Budget The Director of OMB should direct the Federal CIO to ensure that the agency cost savings on the IT Dashboard that are being used to fulfill statutory requirements to report to Congress are accurate and correctly attributed to IT portfolio review. (Recommendation 5)
Open
The agency did not agree or disagree with this recommendation. At the time of our report, OMB stated that it is the agencies' responsibility to ensure that the data submitted to the IT Dashboard are accurate and noted that the office does not have the resources to verify all the data entered by agencies. As of March 2025, OMB did not have an update on the status of this recommendation.
Office of Management and Budget The Director of OMB should submit to Congress a report on the net program performance benefits achieved as a result of major capital investments made by agencies for information systems and how the benefits relate to the accomplishment of the goals of the agencies, as prescribed by FITARA. (Recommendation 6)
Open
When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

Cloud Computing: Selected Agencies Need to Implement Updated Guidance for Managing Restrictive Licenses
GAO-25-107114
Nov 13, 2024
Show
12 Open Recommendations
Agency Affected Recommendation Status
Department of Justice The Attorney General should update and implement Department of Justice guidance to fully address identifying, analyzing, and mitigating the impacts of restrictive software licensing practices on cloud computing efforts. (Recommendation 1)
Open
We will update the status of this recommendation when DOJ provides its 180-day letter (expected May 2025).
Department of Justice The Attorney General should assign and document responsibility for identifying and managing potential impacts of restrictive software licensing practices across the department. (Recommendation 2)
Open
We will update the status of this recommendation when DOJ provides its 180-day letter (expected May 2025).
Department of Transportation The Secretary of Transportation should update and implement guidance to fully address identifying, analyzing, and mitigating the impacts of restrictive software licensing practices on cloud computing efforts. (Recommendation 3)
Open
We will update the status of this recommendation when DOT provides its 180-day letter (expected May 2025).
Department of Transportation The Secretary of Transportation should assign and document responsibility for identifying and managing potential impacts of restrictive software licensing practices across the department. (Recommendation 4)
Open
We will update the status of this recommendation when DOT provides its 180-day letter (expected May 2025).
Department of Veterans Affairs The Secretary of Veterans Affairs should update and implement guidance to fully address identifying, analyzing, and mitigating the impacts of restrictive software licensing practices on cloud computing efforts. (Recommendation 5)
Open
We will update the status of this recommendation when VA provides its 180-day letter (expected May 2025).
Department of Veterans Affairs The Secretary of Veterans Affairs should assign and document responsibility for identifying and managing potential impacts of restrictive software licensing practices across the department. (Recommendation 6)
Open
We will update the status of this recommendation when VA provides its 180-day letter (expected May 2025).
View More Recommendations

Related Pages

GAO Contacts