Skip to main content

National Aeronautics and Space Administration

Jump To:

Open Recommendations (36 total)

Small Business Research Programs: Agencies Identified Foreign Risks, but Some Due Diligence Programs Lack Clear Procedures

Show
1 Open Recommendations
Agency Affected Recommendation Status
National Aeronautics and Space Administration The Administrator of the National Aeronautics and Space Administration should ensure that the SBIR/STTR program office and the Office of Protective Services, Counterintelligence/Counterterrorism Division develop and document agreed-upon procedures for requesting analytical support and sharing information—including classified information, as applicable—to support due diligence reviews. (Recommendation 3)
Open
When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

IT Portfolio Management: OMB and Agencies Are Not Fully Addressing Selected Statutory Requirements

Show
1 Open Recommendations
Agency Affected Recommendation Status
National Aeronautics and Space Administration The Administrator of the National Aeronautics and Space Administration should direct its agency CIO to work with OMB to ensure that annual reviews of their IT portfolio are conducted in conjunction with the Federal CIO and the Chief Operating Officer or Deputy Secretary (or equivalent), as prescribed by FITARA. (Recommendation 37)
Open
When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

Cloud Computing: Selected Agencies Need to Implement Updated Guidance for Managing Restrictive Licenses

Show
1 Open Recommendations
Agency Affected Recommendation Status
National Aeronautics and Space Administration The Administrator of the National Aeronautics and Space Administration should update and implement guidance to fully address identifying, analyzing, and mitigating the impacts of restrictive software licensing practices on cloud computing efforts. (Recommendation 7)
Open
When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

Cloud Computing: Selected Agencies Need to Implement Updated Guidance for Managing Restrictive Licenses

Show
1 Open Recommendations
Agency Affected Recommendation Status
National Aeronautics and Space Administration The Administrator of the National Aeronautics and Space Administration should assign and document responsibility for identifying and managing potential impacts of restrictive software licensing practices across the agency. (Recommendation 8)
Open
When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

NASA Artemis Missions: Exploration Ground Systems Program Could Strengthen Schedule Decisions

Show
1 Open Recommendations
Agency Affected Recommendation Status
National Aeronautics and Space Administration The NASA Administrator, in coordination with the Exploration Systems Development Mission Directorate, should ensure that Exploration Ground Systems program and Mobile Launcher 2 project officials perform at least one schedule risk analysis prior to beginning integrated operation activities to support the Artemis IV launch. (Recommendation 1)
Open
When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

Artemis Programs: NASA Should Document and Communicate Plans to Address Gateway's Mass Risk

Show
1 Open Recommendations
Agency Affected Recommendation Status
National Aeronautics and Space Administration The NASA Administrator, in coordination with the Exploration Systems Development Mission Directorate, should ensure that the Gateway program documents its overall mass management plan and shares it with its projects ahead of the program's planned September 2024 critical design-informed synchronization review. (Recommendation 1)
Open
When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

NASA Cybersecurity: Plan Needed to Update Spacecraft Acquisition Policies and Standards

Show
1 Open Recommendations
Agency Affected Recommendation Status
National Aeronautics and Space Administration The NASA Administrator should ensure that the Chief Engineer, the Chief Information Officer, and the Principal Advisor for Enterprise Protection develop an implementation plan with time frames to update its spacecraft acquisition policies and standards to incorporate essential controls required to protect against cyber threats. (Recommendation 1)
Open
NASA partially concurred with the recommendation in the report. NASA agreed with the need to ensure continuous improvement of policies and standards to protect against cyber threats. However, NASA disagreed with the need to develop an implementation plan with time frames to update its spacecraft acquisition policies and standards against cyber threats, because existing policies and processes allow programs to select appropriate protection controls. When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

Artificial Intelligence: Agencies Have Begun Implementation but Need to Complete Key Requirements

Show
1 Open Recommendations
Agency Affected Recommendation Status
National Aeronautics and Space Administration The Administrator of the National Aeronautics and Space Administration should ensure that the agency updates and approves the agency's plan to achieve consistency with EO 13960 section 5 for each AI application, to include retiring AI applications found to be developed or used in a manner that is not consistent with the order. (Recommendation 33)
Open
NASA concurred with our recommendation. In May 2024, NASA provided a letter that lays out the actions the agency plans to take to address the recommendation. NASA expects to finalize these actions by December 2024. When we confirm what actions the agency has taken to address this recommendation, we will provide updated information.

Artificial Intelligence: Agencies Have Begun Implementation but Need to Complete Key Requirements

Show
1 Open Recommendations
Agency Affected Recommendation Status
National Aeronautics and Space Administration The Administrator of the National Aeronautics and Space Administration should ensure that the agency updates its AI use case inventory to include all the required information, at minimum, and takes steps to ensure that the data in the inventory aligns with provided instructions. (Recommendation 34)
Open
NASA partially concurred with the recommendation. In May 2024, NASA provided a letter that lays out the actions the agency plans to take to address the recommendation. NASA expects to finalize these actions by the end of the first quarter of FY2025 (December 2024). When we confirm what actions the agency has taken to address this recommendation, we will provide updated information.

Cybersecurity: Federal Agencies Made Progress, but Need to Fully Implement Incident Response Requirements

Show
1 Open Recommendations
Agency Affected Recommendation Status
National Aeronautics and Space Administration The Administrator of the National Aeronautics and Space Administration should ensure that the agency fully implements all event logging requirements as directed by OMB guidance. (Recommendation 17)
Open
When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.