GAO is rolling out a series of repots on cybersecurity and the acquisition and management of IT. Image: stefano carniccio/Shutterstock.com
By: FEDweek StaffThe GAO is issuing a series of reports on federal agency IT issues, with common themes across agencies of cybersecurity and the acquisition and management of IT—two areas on the GAO’s high-risk list that also have been the subject of recommendations specific to the agencies.
For example, a report to the CIO at HUD says the department “needs to fully implement security controls to protect the vast amount of sensitive information the department collects” and to fully implement “leading practices for managing requirements and mitigating risks, estimating cost and schedule, and conducting oversight for the department’s Federal Housing Administration Catalyst program.”
Similarly, it said Justice “needs to make progress in its cybersecurity incident response preparedness by taking steps to improve its investigation and remediation capabilities” and should “track in-use software licenses” and “complete annual reviews of its IT portfolio consistent with federal requirements.”
Also for example, the NRC should better track all security events to help it “detect, investigate, and remediate cyber threats” and should develop guidance regarding standardizing cloud service level agreements to “help ensure that the agency is consistently holding its cloud service providers accountable for their service performance.”
Key Bills Advancing, but No Path to Avoid Shutdown Apparent
TSP Adds Detail to Upcoming Roth Conversion Feature
White House to Issue Rules on RIF, Disciplinary Policy Changes
DoD Announces Civilian Volunteer Detail in Support of Immigration Enforcement
See also,
How Do Age and Years of Service Impact My Federal Retirement
The Best Ages for Federal Employees to Retire
How to Challenge a Federal Reduction in Force (RIF) in 2025
Should I be Shooting for a $1M TSP Balance? Depends…
FERS Retirement Guide 2025 – Your Roadmap to Maximizing Federal Retirement Benefits
