Federal Government Vulnerabilities Highlighted in GAO 2019 High Risk List

The biennial High-Risk List released by the Government Accountability Office (GAO) identified 35 federal government vulnerability areas. While many of these areas are carried over from the last list, several areas of progress spark hope, and several areas of regression spark worry.

Since 2017, seven high-risk areas of the federal government have shown progress. Two areas showed enough progress to be removed from the list entirely. These two areas were the Department of Defense (DOD) Supply Chain Management and The National Oceanic and Atmospheric Administration (NOAA) Weather Satellite Data. Both agencies took GAO recommendations to improve data collection and transparency in their respective areas. The GAO predicts these decisions will save the agencies millions of dollars in taxpayer funds and better allow them to meet mission goals. The DOD Supply Chain Management System had been on the list for 29 years. The NOAA Weather Satellite Data had been on the list for six years.

Added to the list in 2019 were the Government-Wide Personnel Security Clearance Process and the Department of Veterans Affairs (VA) Acquisition Management System. Breaking from tradition, the GAO added the security clearance process to the list in January 2018 to highlight the situation’s urgency.

“We placed the government-wide personnel security clearance process on the High-Risk List in January 2018 because it faces significant challenges related to (1) the timely processing of clearances, (2) measuring investigation quality, and (3) ensuring IT security, among other things,” the report explained. “The executive branch has been unable to process personnel security clearances within established timeliness objectives, contributing to a backlog that the NBIB reported being approximately 565,000 cases as of February 2019.”

The report noted that while some actions have been taken to address this issue, related agencies still need a clear action plan to combat the massive backlog. The report continued that the GAO is eager to evaluate the Trusted Workforce 2.0 plan developed by representatives from the intelligence community, Department of Defense, Office of Personnel Management (OPM), and Office of Management and Budget (OMB).

Within VA Acquisition Management, the GAO noted that the VA has one of the largest discretionary budgets as well as one of the largest acquisition needs. GAO explained that antiquated regulations and policies, a lack of an effective medical supplies procurement strategy, inadequate acquisition training, a variety of contracting officer workload challenges, a lack of reliable data systems, and a prevalence of leadership instability prevent the agency from using their budget effectively.

Since 2015, the GAO has made 31 recommendations to improve the agency, and only ten have been implemented, earning the agency a spot on the list.

While all areas of the list require considerable attention to avoid waste and abuse, the GAO identified nine areas of urgent need, including Ensuring the Cybersecurity of the Nation, Resolving the Federal Role in Housing Finance, addressing Pension Benefit Guaranty Corporation Insurance Programs, Managing Risks and Improving VA Health Care, and ensuring an effective 2020 Decennial Census.