December 4, 2021

News

News Network

Department of Energy: Improvements Needed to Strengthen Strategic Planning for the Acquisition Workforce

8 min read
<div>What GAO Found The Department of Energy (DOE) is one of the largest civilian contracting agencies in the federal government, with about 80 percent of its annual obligations for contracts. Staff in most federal positions in DOE are involved in the acquisition process, according to officials from offices included in GAO's review—the Office of Science, the Office of Environmental Management (EM), and the National Nuclear Security Administration (NNSA). Some of these staff, such as contracting officers, hold federal or DOE acquisition certifications. DOE generally requires acquisition-related training only for certified staff—which represent about 15 percent of DOE's workforce (see figure)—and maintains training requirements for only these staff through the agency's Acquisition Career Management Program. Numbers of DOE Staff with Acquisition Certifications, as of March 2021 DOE generally does not require acquisition-related training for noncertified staff, many of whom may play a critical role in DOE's acquisition process. Office of Federal Procurement Policy guidance states that agencies should consider the functions performed by staff members, such as requirements development by a technical expert, and include any significant acquisition-related positions in their acquisition training programs. By reviewing the criteria for inclusion in its Acquisition Career Management Program and developing training requirements for noncertified staff that meet these criteria, DOE can better ensure it has the capacity to oversee its contracts. The three DOE offices included in GAO's review have each implemented two of the five leading practices for effective strategic planning for their acquisition workforces, and have partially implemented the remaining three practices. For example, these offices have taken some steps to identify workforce need, but have not fully identified skill and competency gaps—including types and numbers of positions required to close gaps—for their acquisition workforces, as recommended by leading practices. Further, senior DOE and NNSA officials have raised concerns that they do not have enough staff or staff with the right skills in the acquisition workforce to properly oversee contracts. However, NNSA has conducted limited evaluations of gaps in skills and competencies for some positions in its acquisition workforce, and the other offices in GAO's review have not conducted such analyses. With a more complete and thorough understanding of skill and competency gaps for its acquisition workforce, DOE can improve the information it has available to develop its budget and other strategies to build a workforce with the right skills and of the right size to address the agency's long-standing issues with contract management. Why GAO Did This Study DOE's federal acquisition workforce is responsible for managing risks throughout the contracting, or acquisition, process. GAO designated DOE contract and project management as a high-risk area because of DOE's record of inadequate contract management. Senate Report No. 116-48 accompanying the National Defense Authorization Act for Fiscal Year 2020 includes a provision for GAO to review issues affecting DOE's acquisition workforce. This report examines (1) the positions included in DOE's acquisition workforce and the extent to which this workforce receives acquisition-related training and (2) the extent to which DOE has implemented leading practices for effective strategic planning for its acquisition workforce. GAO's review included the Office of Science, EM, and NNSA, which represented over 75 percent of DOE obligations for contracts in fiscal year 2019. GAO reviewed regulations, policies, and workforce planning documents; interviewed officials; and compared information to leading practices on workforce planning.</div>

What GAO Found

The Department of Energy (DOE) is one of the largest civilian contracting agencies in the federal government, with about 80 percent of its annual obligations for contracts. Staff in most federal positions in DOE are involved in the acquisition process, according to officials from offices included in GAO’s review—the Office of Science, the Office of Environmental Management (EM), and the National Nuclear Security Administration (NNSA). Some of these staff, such as contracting officers, hold federal or DOE acquisition certifications. DOE generally requires acquisition-related training only for certified staff—which represent about 15 percent of DOE’s workforce (see figure)—and maintains training requirements for only these staff through the agency’s Acquisition Career Management Program.

Numbers of DOE Staff with Acquisition Certifications, as of March 2021

DOE generally does not require acquisition-related training for noncertified staff, many of whom may play a critical role in DOE’s acquisition process. Office of Federal Procurement Policy guidance states that agencies should consider the functions performed by staff members, such as requirements development by a technical expert, and include any significant acquisition-related positions in their acquisition training programs. By reviewing the criteria for inclusion in its Acquisition Career Management Program and developing training requirements for noncertified staff that meet these criteria, DOE can better ensure it has the capacity to oversee its contracts.

The three DOE offices included in GAO’s review have each implemented two of the five leading practices for effective strategic planning for their acquisition workforces, and have partially implemented the remaining three practices. For example, these offices have taken some steps to identify workforce need, but have not fully identified skill and competency gaps—including types and numbers of positions required to close gaps—for their acquisition workforces, as recommended by leading practices.

Further, senior DOE and NNSA officials have raised concerns that they do not have enough staff or staff with the right skills in the acquisition workforce to properly oversee contracts. However, NNSA has conducted limited evaluations of gaps in skills and competencies for some positions in its acquisition workforce, and the other offices in GAO’s review have not conducted such analyses. With a more complete and thorough understanding of skill and competency gaps for its acquisition workforce, DOE can improve the information it has available to develop its budget and other strategies to build a workforce with the right skills and of the right size to address the agency’s long-standing issues with contract management.

Why GAO Did This Study

DOE’s federal acquisition workforce is responsible for managing risks throughout the contracting, or acquisition, process. GAO designated DOE contract and project management as a high-risk area because of DOE’s record of inadequate contract management.

Senate Report No. 116-48 accompanying the National Defense Authorization Act for Fiscal Year 2020 includes a provision for GAO to review issues affecting DOE’s acquisition workforce. This report examines (1) the positions included in DOE’s acquisition workforce and the extent to which this workforce receives acquisition-related training and (2) the extent to which DOE has implemented leading practices for effective strategic planning for its acquisition workforce.

GAO’s review included the Office of Science, EM, and NNSA, which represented over 75 percent of DOE obligations for contracts in fiscal year 2019. GAO reviewed regulations, policies, and workforce planning documents; interviewed officials; and compared information to leading practices on workforce planning.

More from:

News Network

  • Higher Education: IRS and Education Could Better Address Risks Associated with Some For-Profit College Conversions
    In U.S GAO News
    GAO identified 59 for-profit college conversions that occurred from January 2011 through August 2020, almost all of which involved the college's sale to a tax-exempt organization. In about one-third of the conversions, GAO found that former owners or other officials were insiders to the conversion—for example, by creating the tax-exempt organization that purchased the college or retaining the presidency of the college after its sale (see figure). While leadership continuity can benefit a college, insider involvement in a conversion poses a risk that insiders may improperly benefit—for example, by influencing the tax-exempt purchaser to pay more for the college than it is worth. Once a conversion has ended a college's for-profit ownership and transferred ownership to an organization the Internal Revenue Service (IRS) recognizes as tax-exempt, the college must seek Department of Education (Education) approval to participate in federal student aid programs as a nonprofit college. Since January 2011, Education has approved 35 colleges as nonprofit colleges and denied two; nine are under review and 13 closed prior to Education reaching a decision. Figure: Example of a For-Profit College Conversion with Officials in Insider Roles IRS guidance directs staff to closely scrutinize whether significant transactions with insiders reported by an applicant for tax-exempt status will exceed fair-market value and improperly benefit insiders. If an application contains insufficient information to make that assessment, guidance says that staff may need to request additional information. In two of 11 planned or final conversions involving insiders that were disclosed in an application, GAO found that IRS approved the application without certain information, such as the college's planned purchase price or an appraisal report estimating the college's value. Without such information, IRS staff could not assess whether the price was inflated to improperly benefit insiders, which would be grounds to deny the application. If IRS staff do not consistently apply guidance, they may miss indications of improper benefit. Education has strengthened its reviews of for-profit college applications for nonprofit status, but it does not monitor newly converted colleges to assess ongoing risk of improper benefit. In two of three cases GAO reviewed in depth, college financial statements disclosed transactions with insiders that could indicate the risk of improper benefit. Education officials agreed that they could assess this risk through its audited financial statement review process and could develop procedures to do so. Until Education develops and implements such procedures for new conversions, potential improper benefit may go undetected. A for-profit college may convert to nonprofit status for a variety of reasons, such as wanting to align its status and mission. However, in some cases, former owners or other insiders could improperly benefit from the conversion, which is impermissible under the Internal Revenue Code and Higher Education Act of 1965, as amended. GAO was asked to examine for-profit college conversions. This report reviews what is known about insider involvement in conversions and to what extent IRS and Education identify and respond to the risk of improper benefit. GAO identified converted for-profit colleges and reviewed their public IRS filings. GAO also examined IRS and Education processes for overseeing conversions, interviewed agency officials, and reviewed federal laws, regulations and agency guidance. GAO selected five case study colleges based on certain risk factors, obtained information from college officials, and reviewed their audited financial statements. In three cases, GAO also reviewed Education case files. Because of the focus on IRS and Education oversight, GAO did not audit any college in this review to determine whether its conversion improperly benefitted insiders. GAO is making three recommendations, including that IRS assess and improve conversion application reviews and that Education develop and implement procedures to monitor newly converted colleges. IRS said it will assess its review process and will evaluate GAO's other recommendation, as discussed in the report. Education agreed with GAO's recommendation. For more information, contact Melissa Emrey-Arras at (617) 788-0534 or emreyarrasm@gao.gov.
    [Read More…]
  • Judiciary Report Underscores Commitment to Civics Education
    In U.S Courts
    Federal courts are approaching the 2020-2021 academic year with an endorsement of volunteer civics education efforts by judges and a willingness to support teachers in bringing the human face of the Judiciary into their civics and government classes, whether students are at home or in school.
    [Read More…]
  • Department of Justice Redoubles Efforts to Find and Prosecute Those Responsible for the 2001 Murder of Federal Prosecutor Tom Wales
    In Crime News
    Deputy Attorney General Lisa O. Monaco today announced that the Department of Justice has doubled the $1 million reward for information leading to the arrest and conviction of those responsible for the October 2001 murder of Seattle Assistant U.S. Attorney Thomas Wales.
    [Read More…]
  • Arkansas Landscaper Pleads Guilty to Tax Fraud
    In Crime News
    An Arkansas resident pleaded guilty today to filing a false corporate tax return.
    [Read More…]
  • International Day of Remembrance and Tribute to the Victims of Terrorism
    In Crime Control and Security News
    Antony J. Blinken, [Read More…]
  • Senior Official for Public Diplomacy and Public Affairs Jennifer Hall Godfrey’s Travel to the United Arab Emirates and Germany
    In Crime Control and Security News
    Office of the [Read More…]
  • Security at the 2019 Women’s World Cup nearing the final goal
    In Crime Control and Security News
    Angela French, DSS [Read More…]
  • Secretary Antony J. Blinken With Olena Removska of Radio Free Europe/Radio Liberty
    In Crime Control and Security News
    Antony J. Blinken, [Read More…]
  • Kiribati Travel Advisory
    In Travel
    Reconsider travel to [Read More…]
  • Information Environment: DOD Operations Need Enhanced Leadership and Integration of Capabilities
    In U.S GAO News
    What GAO Found At its core, information operations (IO) are the integration of information-related capabilities during military operations to influence, disrupt, corrupt, or usurp the decision making of adversaries and potential adversaries while protecting our own. (See figure.) For example, in seeking to facilitate safe and orderly humanitarian assistance, the Department of Defense (DOD) would conduct IO by influencing host nation and regional cooperation through the integration of public affairs activities and military information support operations. Information Operations and Selected Information-Related Capabilities GAO found, in 2019, that DOD had made limited progress in implementing the 2016 DOD IO strategy and faced a number of challenges in overseeing the IO enterprise and integrating its IO capabilities. Specifically: In seeking to implement the strategy, DOD had not developed an implementation plan or an investment framework to identify planning priorities to address IO gaps. DOD has established department-wide IO roles and responsibilities and assigned most oversight responsibilities to the Under Secretary of Defense for Policy. The Under Secretary had exercised some responsibilities, such as establishing an executive steering group. However, the Under Secretary had not fulfilled other IO oversight responsibilities, such as conducting an assessment of needed tasks, workload, and resources. Instead, the Under Secretary delegated these responsibilities to an official whose primary responsibilities are focused on special operations and combatting terrorism. DOD had integrated information-related capabilities in some military operations, but had not conducted a posture review to assess IO challenges. Conducting a comprehensive posture review to fully assess challenges would assist DOD in effectively operating while using information-related capabilities. Why GAO Did This Study U.S. potential adversaries—including near-peer competitors Russia and China—are using information to achieve objectives below the threshold of armed conflict. DOD can use information operations to counter these activities. This testimony summarizes GAO's past work related to DOD's IO capabilities. Specifically, it discusses: (1) DOD's information operation terms and concept, and (2) DOD's actions to implement the 2016 DOD IO strategy and address oversight and integration challenges. This statement is based on GAO's August and October 2019 reports (GAO-19-510C and GAO-20-51SU) and updates conducted in April 2021.
    [Read More…]
  • Secretary Blinken’s Call with Brazilian Foreign Minister Araujo
    In Crime Control and Security News
    Office of the [Read More…]
  • Second Member Of “Boogaloo Bois” Pleads Guilty to Conspiracy to Provide Material Support to Hamas
    In Crime News
    A Minnesota man pleaded guilty today to conspiracy to provide material support and resources, namely property, services and weapons, to what he believed was Hamas, a designated foreign terrorist organization, for use against Israeli and U.S. military personnel overseas.
    [Read More…]
  • Condemning ISIS-K Attack on a Kabul Gathering
    In Crime News
    Michael R. Pompeo, [Read More…]
  • Countering Violent Extremism: DHS Can Further Enhance Its Strategic Planning and Data Governance Efforts
    In U.S GAO News
    What GAO Found DHS's 2019 Strategic Framework for Countering Terrorism and Targeted Violence and the related plans—collectively referred to as the strategy—outline the department's vision for all DHS counterterrorism activities. In prior work, GAO has identified seven elements of a comprehensive strategy. GAO found that DHS's strategy contains some but not all of the key elements (see figure). For example, GAO found that DHS's strategy included a mission statement, and a set of goals that were in turn linked to objectives and priority actions. However, the strategy did not include a discussion of external factors such as how the economy, demographics, or emerging technologies may affect the department in meeting its goals. By identifying and assessing such external factors, DHS would be better positioned to proactively mitigate such factors or plan for contingencies, if needed. Extent to Which DHS's Strategy for Countering Terrorism and Targeted Violence Included the Seven Elements of a Comprehensive Strategy DHS has taken some steps to establish a data governance framework, which helps ensure that an agency's data assets are transparent, accessible, and of sufficient quality to support its mission. For example, DHS established a data governance council to manage various data priority areas, however it has not yet completed actions to include targeted violence and terrorism prevention data into its department-wide framework. DHS has already identified some data challenges, such as the lack of comprehensive, national-level statistics on terrorism and targeted violence that underscore the need for a data governance framework. By incorporating targeted violence and terrorism prevention data into its broader data governance framework, DHS would be better able to leverage data to support and inform its prevention efforts, including building effective policy to address the threats and trends it identifies in the data. Why GAO Did This Study Data collected through the Extremist Crime Database show that there were 81 fatal violent extremist attacks in the United States from 2010 through 2020, resulting in 240 deaths. Since 2010, DHS has developed strategic initiatives that address targeted violence and terrorism prevention, which include efforts to counter violent extremism, among other things. GAO was asked to review DHS's longer-term efforts to prevent terrorism and targeted violence. This report examines the extent to which (1) DHS's 2019 strategy to address targeted violence and terrorism prevention includes key elements of a comprehensive strategy, and (2) DHS has developed a data governance framework to help implement its strategy. GAO reviewed DHS documentation and compared DHS's strategy to identified elements of a comprehensive strategy, and compared DHS's efforts to develop a data governance framework to federal requirements for implementing data governance.
    [Read More…]
  • Secretary Antony J. Blinken And Norwegian Foreign Minister Ine Soreide Before Their Meeting
    In Crime Control and Security News
    Antony J. Blinken, [Read More…]
  • Priority Open Recommendations: Office of Management and Budget
    In U.S GAO News
    What GAO Found In April 2020, GAO identified 35 priority recommendations for the Office of Management and Budget (OMB). Since then, OMB has implemented four of those recommendations by, among other things, taking actions to help reduce improper payments across the federal government and improve the quality of agency spending data. In June 2021, GAO identified 13 additional priority recommendations for OMB, bringing the total number to 44. These recommendations involve the following areas: Improving government performance. Increasing availability and transparency of government data. Improving acquisition management and reducing costs. Reducing government-wide improper payments. Strengthening information security. Establishing controls for disaster relief. Improving oversight of agency collection and coordination of federal data on sexual violence. Improving federal real property asset management. Improving information management. OMB's continued attention to these issues could yield significant cost savings and other improvements in government operations. Why GAO Did This Study Priority open recommendations are the GAO recommendations that warrant priority attention from heads of key departments or agencies because their implementation could save large amounts of money; improve congressional and/or executive branch decision-making on major issues; eliminate mismanagement, fraud, and abuse; or ensure that programs comply with laws and funds are legally spent, among other benefits. Since 2015 GAO has sent letters to selected agencies to highlight the importance of implementing such recommendations. For more information, contact Michelle Sager at (202) 512-6806 or sagerm@gao.gov.
    [Read More…]
  • Secretary Michael R. Pompeo With Larry O’Connor of the Larry O’Connor Show/WMAL
    In Crime Control and Security News
    Michael R. Pompeo, [Read More…]
  • Secretary Antony J. Blinken At the Virtual COVID-19 Summit
    In Crime Control and Security News
    Antony J. Blinken, [Read More…]
  • Exposure Notification: Benefits and Challenges of Smartphone Applications to Augment Contact Tracing
    In U.S GAO News
    Why GAO Did This Study With the emergence and rapid global spread of COVID-19, smartphone apps have been developed to supplement manual contact tracing, which is a public health measure used to slow the spread of infectious disease. GAO was asked to conduct a technology assessment of exposure notification apps. This report discusses (1) the benefits of exposure notification apps; (2) the current level of deployment in the U.S.; (3) challenges affecting their use; and (4) policy options that may help address these challenges for future use. To address these objectives, GAO reviewed agency documentation, met with officials from several federal agencies, and conducted a review of technical and policy literature. GAO also interviewed representatives from companies involved in the development of exposure notification apps, public health organizations, federally funded research and development centers, and academic researchers. In addition, GAO analyzed information from a selection of states. GAO is identifying policy options in this report. GAO received technical comments on a draft of this report from five federal agencies and five organizations included in the review, which it incorporated as appropriate. What GAO Found Exposure notification applications (apps)—which determine the proximity of users and notify people who have been in close contact with another user who was likely infectious—are expected to enhance the speed and reach of contact tracing and help slow the spread of infectious diseases such as COVID-19. As of June 2021, almost half (26/56) of U.S. states, territories, and the District of Columbia had deployed an app for COVID-19, all using a system developed jointly by Google and Apple (see figure). In the absence of a national app, states independently launched apps, resulting in a staggered rollout over 10 months beginning in August 2020. Map of deployment of exposure notification apps by U.S. states and territories, as of June 2021 Reported app development costs for selected states varied, ranging from no cost (provided by a nonprofit organization) to $700,000. Marketing costs for selected states ranged from $380,000 to $3.2 million. Reported app download levels in the selected states ranged from 200,000 to more than 2 million, as of June 2021. GAO identified several challenges limiting app use and the ability of states and others to determine whether the apps were effective: Accuracy of measurements Technical limitations to measuring distance and exposure can result in inaccurate exposure notifications. Privacy and security concerns The public may lack confidence that its privacy is being protected, in part, due to a lack of independent privacy and security assessments and a lack of federal legal protections. Adoption States have faced challenges attracting public interest in downloading and using an exposure notification app. Verification code delays States faced challenges in promptly providing people who tested positive for COVID-19 with a verification code necessary to notify other close contacts of potential exposure using the app. Evidence of effectiveness Limited data are available to evaluate the effectiveness of the apps. Source: GAO. | GAO-21-104622 GAO developed the following four policy options that could help address challenges related to exposure notification apps. The policy options identify possible actions by policymakers, which may include Congress, other elected officials, federal agencies, state and local governments, and industry. See below for details of the policy options and relevant opportunities and considerations. Policy Options to Help Address Challenges of Exposure Notification Apps for Future Use   Opportunities Considerations Research and Development (report page 41) Policymakers could promote research and development to address technological limitations. Research on technological limitations could help increase accuracy, encouraging users to download and use the apps. Research on technologies and architectures other than those used by U.S. states could lead to improvements. Partnerships with technology companies could spur innovation and help with integrating improvements. The research needed may be costly. Improvements may not be cost-effective, since existing apps may already be sufficiently accurate. Research may result in apps that are not functional for the next pandemic, since the current apps were developed for COVID-19. Privacy and Security Standards and Practices (report page 42) Policymakers could promote uniform privacy and security standards and practices for exposure notification apps. Uniform standards and best practices could help address real and perceived risks to the public’s data, potentially increasing adoption. Standards developed by a broad coalition of stakeholders could increase the likelihood of stakeholder agreement and buy-in. Policymakers would need to balance the need for privacy and security with the costs of implementing standards and practices. Implementation of privacy requirements may need to be flexible, since jurisdictions could use different approaches. Standards and practices could be challenging to oversee and enforce. Best Practices (report page 43) Policymakers could promote best practices for approaches to increasing adoption and to measure the effectiveness of exposure notification apps. Best practices could help authorities better promote app adoption. Best practices could help state public health authorities by providing information on procedures and potential approaches for distributing verification codes in a timely manner. Best practices could help public health authorities establish a more rigorous way to measure the extent of app use and any resulting improvements in notifying exposed people. Best practices could require consensus from many public- and private-sector stakeholders, which can be time- and resource-intensive. Current best practices may have limited relevance to a future pandemic. In some cases, stakeholders may lack sufficient information or the experience to develop best practices. National Strategy (report page 44) Policymakers could collaborate to enhance the pandemic national strategy and promote a coordinated approach to the development and deployment of exposure notification apps. Enhanced national coordination that builds on the underlying infrastructure and lessons learned from COVID-19 could prompt faster deployment of apps in the future. A future national marketing campaign with cohesive and coherent messaging could result in wider adoption. Policymakers could recommend a national app that public health authorities could decide to use based on their individual needs. A national app could add more functions by integrating exposure notification capabilities with test scheduling and vaccine delivery coordination. A coordinated national approach would likely have associated costs and require sustained funding during the pandemic. Coordination of groups with divergent perspectives and interests may pose challenges to defining outcomes, measuring performance, and establishing a leadership approach. It is unclear whether potential users would be more or less likely to trust a national exposure notification app than one developed by a state government. Source: GAO. | GAO-21-104622 For more information, contact Karen L. Howard at (202) 512-6888 or howardk@gao.gov or Vijay A. D’Souza, at (202) 512-6240, dsouzav@gao.gov.
    [Read More…]
  • Cybersecurity: Federal Agencies Need to Implement Recommendations to Manage Supply Chain Risks
    In U.S GAO News
    What GAO Found Federal agencies continue to face software supply chain threats. In December 2020, the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency issued an emergency directive requiring agencies to take action regarding a threat actor that had been observed leveraging a software supply chain compromise of a widely used enterprise network management software suite—SolarWinds Orion. Subsequently, the National Security Council staff formed a Cyber Unified Coordination Group to coordinate the government response to the cyberattack. The group took a number of steps, including gathering intelligence and developing tools and guidance, to help organizations identify and remove the threat. During the same month that the SolarWinds compromise was discovered, GAO reported that none of 23 civilian agencies had fully implemented selected foundational practices for managing information and communication technology (ICT) supply chain risks—known as supply chain risk management (SCRM) (see figure). Twenty-three Civilian Agencies' Implementation of Information and Communication Technology (ICT) Supply Chain Risk Management (SCRM) Practices GAO stressed that, as a result of not fully implementing the foundational practices, the agencies were at a greater risk that malicious actors could exploit vulnerabilities in the ICT supply chain, causing disruptions to mission operations, harm to individuals, or theft of intellectual property. Accordingly, GAO recommended that each of the 23 agencies fully implement these foundational practices. In May 2021, GAO received updates from six of the 23 agencies regarding actions taken or planned to address its recommendations. However, none of the agencies had fully implemented the recommendations. Until they do so, agencies will be limited in their ability to effectively address supply chain risks across their organizations. Why GAO Did This Study Federal agencies rely extensively on ICT products and services (e.g., computing systems, software, and networks) to carry out their operations. However, agencies face numerous ICT supply chain risks, including threats posed by malicious actors who may exploit vulnerabilities in the supply chain and, thus, compromise the confidentiality, integrity, or availability of an organization's systems and the information they contain. Recent events involving a software supply chain compromise of SolarWinds Orion, a network management software suite, and the shutdown of a major U.S. fuel pipeline due to a cyberattack highlight the significance of these threats. GAO was asked to testify on federal agencies' efforts to manage ICT supply chain risks. Specifically, GAO (1) describes the federal government's actions in response to the compromise of SolarWinds and (2) summarizes its prior report on the extent to which federal agencies implemented foundational ICT supply chain risk management practices. To do so, GAO reviewed its previously published reports and related information. GAO has ongoing work examining federal agencies' responses to SolarWinds and plans to issue a report on this in fall 2021.
    [Read More…]

Crime

Network News © 2005 Area.Control.Network™ All rights reserved.