Information Technology: Implementation of GAO Recommendations Would Strengthen Federal Agencies’ Acquisitions, Operations, and Cybersecurity Efforts

The Office of Management and Budget (OMB) and federal agencies have taken steps to improve the management of information technology (IT) acquisitions and operations and ensure federal cybersecurity through a series of initiatives. As of June 2019, federal agencies had fully implemented 60 percent of the 1,277 IT management-related recommendations that GAO has made to them since fiscal year 2010. Likewise, agencies had implemented 78 percent of the 3,058 security-related recommendations that GAO has made since 2010. Even with this progress, significant actions remain to be completed.

The federal government plans to spend over $90 billion in fiscal year 2019 on IT. Even so, IT investments have too often failed or contributed little to mission-related outcomes. Further, increasingly sophisticated threats and frequent cyber incidents underscore the need for effective information security. To focus attention on these concerns, GAO’s high-risk list includes both the management of IT acquisitions and operations and cybersecurity.