GAO’s high-priority recommendations for GSA fall into just two broad categories, property management and cybersecurity, says a report that adds four new recommendations that bring the total outstanding for the GSA to eight.
In the latest in a series of status reports on agency responses to its recommendations, GAO said that GSA has closed one of its top priority recommendations within the last year, involving submitting a cybersecurity risk management report to OMB and DHS.
Still-pending recommendations regarding cybersecurity include that GSA: update its policies and procedures to document its designated cybersecurity-risk executive function, including a description of the risk executive’s responsibility for organization-wide cybersecurity risk management; and conduct an agency-wide risk assessment that provides for aggregating information from system-level risk assessment results, continuous monitoring, and any relevant strategic risk considerations.
Two of the property management recommendations involve the long-running DHS headquarters consolidation project, relating to needs assessments, cost-benefit analyses and evaluating leasing versus construction options.
Others included that GSA: explore loaning funds to agencies to cover needed improvements to newly leased space, costs that would otherwise have to be financed for new leases; better estimate the full operations and maintenance costs of design choices in its Design Excellence program; improve the accuracy of information in the public real-property database; and assess the data it uses to calculate reported cost savings from the broker program and address any reliability issues it identifies.