U.S. GAO - Small Business Administration

Recent Reports

COVID-19 Relief: SBA and DOL Should Improve Processes to Identify and Recover Overpayments

Published: Nov 13, 2024

Publicly Released: Nov 13, 2024

IT Modernization: SBA Urgently Needs to Address Risks on Newly Deployed System

Published: Nov 06, 2024

Publicly Released: Nov 13, 2024

Small Business Research Programs: Agencies Broadly Solicit Ideas, but Clearer Guidance Could Improve DOD Efforts

Published: Sep 30, 2024

Publicly Released: Sep 30, 2024

Small Business Innovation Research: Most Agencies Did Not Implement Required Commercialization Pilot

Published: Sep 25, 2024

Publicly Released: Sep 25, 2024

Small Business Research Programs: Opportunities Exist for SBA and Agencies to Reduce Vulnerabilities to Fraud, Waste, and Abuse

Published: Sep 09, 2024

Publicly Released: Sep 09, 2024

Priority Open Recommendations: Small Business Administration

Published: May 31, 2024

Publicly Released: Jun 10, 2024

View More Reports

Open Recommendations (55 total)

IT Portfolio Management: OMB and Agencies Are Not Fully Addressing Selected Statutory Requirements

Show

1 Open Recommendations

Agency Affected	Recommendation	Status
Small Business Administration	The Administrator of the Small Business Administration should direct its agency CIO to ensure they conduct a review in conjunction with the investment's program manager and in consultation with the Federal CIO, for major IT investments that have been designated as high risk for four consecutive quarters, as prescribed by FITARA, including identifying (1) the root causes of the high level of risk of the investment; (2) the extent to which these causes can be addressed (e.g., action items and due dates); and (3) the probability of future success (e.g., outcomes). (Recommendation 43)	Open When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

IT Portfolio Management: OMB and Agencies Are Not Fully Addressing Selected Statutory Requirements

Show

1 Open Recommendations

Agency Affected	Recommendation	Status
Small Business Administration	The Administrator of the Small Business Administration should direct its agency CIO to work with OMB to ensure that annual reviews of their IT portfolio are conducted in conjunction with the Federal CIO and the Chief Operating Officer or Deputy Secretary (or equivalent), as prescribed by FITARA. (Recommendation 42)	Open When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

COVID-19 Relief: SBA and DOL Should Improve Processes to Identify and Recover Overpayments

Show

1 Open Recommendations

Agency Affected	Recommendation	Status
Small Business Administration	The Administrator of SBA should ensure that the Office of Capital Access expands and documents loan review processes for the PPP and COVID-19 EIDL program and how loans are reviewed to identify overpayments. (Recommendation 1)	Open In its comments on our draft report, SBA partially agreed with the recommendation and stated that the agency will review the loan review processes for both programs to ensure that the processes are appropriately documented and are effective in identifying overpayments. We will follow-up with SBA on actions to address this recommendation.

COVID-19 Relief: SBA and DOL Should Improve Processes to Identify and Recover Overpayments

Show

2 Open Recommendations

Agency Affected	Recommendation	Status
Small Business Administration	The Administrator of SBA should ensure that the Office of Capital Access expands and documents the PPP guarantee purchase process to ensure that—prior to purchase approval—SBA has collected sufficient documentation to verify that lenders complied with program requirements. (Recommendation 2)	Open In its comments on our draft report, SBA partially agreed with the recommendation and stated that for guarantee purchase requests that have an indication of potential fraud or potential lender noncompliance with PPP lender underwriting requirements, the agency will ensure that the proper documentation has been collected to verify that lenders complied with program requirements. We will follow-up with SBA on actions to address this recommendation.
Small Business Administration	The Administrator of SBA should ensure that the Office of Capital Access expands and documents SBA's overpayment identification and recovery process for the PPP and COVID-19 EIDL program, as well as future programs, to include clear, formalized procedures for tracking all identified overpayments and subsequent recoveries. (Recommendation 3)	Open In its comments on our draft report, SBA partially agreed with the recommendation and stated it will ensure that the overpayment identification and recovery processes for the PPP and COVID-19 EIDL program, as well as future programs, are clear and formalized and can effectively track all identified overpayments and subsequent recoveries. We will follow-up with SBA on actions to address this recommendation.

IT Modernization: SBA Urgently Needs to Address Risks on Newly Deployed System

Show

5 Open Recommendations

Agency Affected	Recommendation	Status
Small Business Administration	The Administrator of SBA should direct the Chief Information Officer to consider the probability and impact of accepted UCP deployment risks if deciding to issue a final authorization to operate for the system. (Recommendation 3)	Open When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
Small Business Administration	The Administrator of SBA should direct the Chief Information Officer to establish and implement policies and procedures to ensure that risks are evaluated, categorized and prioritized using defined parameters, and also to ensure that project risk mitigation plans are developed for IT modernization projects. (Recommendation 8)	Open When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
Small Business Administration	The Administrator of SBA should direct the Chief Information Officer to establish and implement policies and procedures to ensure that integrated master schedules are developed for IT modernization projects using leading practices described in GAO's Schedule Assessment Guide. (Recommendation 13)	Open When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
Small Business Administration	The Administrator of SBA should direct the Associate Administrator of SBA's Office of Government Contracting and Business Development to expeditiously address critical UCP project risk management issues, including developing a project risk management strategy and risk mitigation plan. (Recommendation 1)	Open When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
Small Business Administration	The Administrator of SBA should direct the Chief Information Officer to establish and implement policies and procedures to ensure that project risk management strategies are established and maintained for IT modernization projects. (Recommendation 6)	Open When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

View More Recommendations