What GAO Discovered

Federal agencies and the Business office of Management and Funds (OMB) have taken actions to improve the management of data know-how (IT) acquisitions and functions and guarantee the nation’s cybersecurity by a sequence of initiatives. As of July 2020, federal businesses had absolutely executed 64 percent of the 1,376 IT administration-linked recommendations that GAO has created to them since fiscal calendar year 2010. Also, agencies had carried out 79 per cent of the 3,409 stability-connected suggestions that GAO has manufactured considering that fiscal yr 2010. However, substantial steps continue being to be accomplished to construct on this progress.

Chief Details Officer (CIO) duties. Rules such as the Federal Information Technology Acquisition Reform Act (FITARA) and related assistance assign 35 essential duties to agency CIOs to assistance tackle longstanding IT management difficulties. In August 2018, GAO documented that none of the 24 chosen agencies experienced established guidelines that entirely tackled the function of their CIO. GAO advised that OMB and the 24 companies choose actions to make improvements to the efficiency of CIOs’ implementation of their duties. Despite the fact that most businesses agreed or did not comment, only 4 of the 27 suggestions have been implemented.

CIO IT acquisition overview. According to FITARA, protected agencies’ CIOs are demanded to evaluate and approve IT contracts. Nevertheless, in January 2018, GAO reported that most of the CIOs at 22 protected companies ended up not sufficiently included in examining billions of pounds of IT acquisitions. Due to the fact then, agencies applied 29 out of 39 tips created to strengthen CIO oversight for these acquisitions. Utilizing the remaining 10 could increase CIOs’ authority and strengthen the administration of IT contracts.

Consolidating data centers. OMB released an initiative in 2010 to minimize knowledge facilities. According to the 24 coated companies, this initiative has resulted in approximately $4.7 billion in expense cost savings from fiscal several years 2012 by 2019. Even so, further perform stays. As of July 2020, OMB and companies applied 133 of the 204 tips manufactured to strengthen the reporting of related expense savings and to achieve optimization targets. Implementing the remaining recommendations could yield extra value financial savings.

Controlling software licenses. Efficient administration of application licenses can enable stay away from acquiring too lots of licenses that end result in unused software package. In May perhaps 2014, GAO described that greater management of licenses was wanted to obtain discounts and created 135 suggestions to boost this sort of administration. Businesses have carried out 123 of the 135 suggestions. Employing the remaining 12 could minimize expending and duplication.

Guaranteeing the nation’s cybersecurity. GAO continues to designate details stability as a govt-broad superior-risk area due to rising cyber-dependent threats and the persistent character of stability vulnerabilities. Considering the fact that fiscal yr 2010, GAO has produced 3,409 suggestions to businesses aimed at addressing cybersecurity troubles. As of July 2020, 79 per cent of the suggestions have been carried out. Till the remaining suggestions are addressed, agencies’ info and IT programs will be progressively susceptible to the present multitude of cyber-associated threats.

Why GAO Did This Research

Each yr, the federal governing administration invests over $90 billion in IT. Even so, IT investments have also typically failed or contributed small to mission-similar results. Significantly subtle threats and frequent cyber incidents also underscore the have to have for efficient info safety. To focus notice on these fears, GAO has included each the management of IT acquisitions and functions and cybersecurity on its higher-risk record.

For this assertion, GAO summarized its key related studies and assessed agencies’ development in employing the reports’ suggestions. Specifically, GAO reviewed the implementation of recommendations on (1) CIO obligations, (2) IT acquisition assessment demands, (3) facts center consolidation, (4) the administration of computer software licenses, and (5) cybersecurity.

What GAO Suggests

Considering the fact that fiscal calendar year 2010, GAO has built 1,376 tips to OMB and agencies to deal with shortcomings in IT acquisitions and operations, as perfectly as 3,409 suggestions to companies to strengthen the stability of federal systems. These tips tackled, between other things, implementation of CIO duties, oversight of the information center consolidation initiative, management of application licenses, and the efficacy of safety packages. Employing these suggestions is essential to strengthening federal agencies’ IT acquisitions, operations, and cybersecurity efforts.

For more facts, get in touch with Carol C. Harris at (202) 512-4456 or [email protected]