Skip to main content

Small Business Administration

Jump To:

Open Recommendations (57 total)

IT Portfolio Management: OMB and Agencies Are Not Fully Addressing Selected Statutory Requirements

Show
1 Open Recommendations
Agency Affected Recommendation Status
Small Business Administration The Administrator of the Small Business Administration should direct its agency CIO to work with OMB to ensure that annual reviews of their IT portfolio are conducted in conjunction with the Federal CIO and the Chief Operating Officer or Deputy Secretary (or equivalent), as prescribed by FITARA. (Recommendation 42)
Open
When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

IT Portfolio Management: OMB and Agencies Are Not Fully Addressing Selected Statutory Requirements

Show
1 Open Recommendations
Agency Affected Recommendation Status
Small Business Administration The Administrator of the Small Business Administration should direct its agency CIO to ensure they conduct a review in conjunction with the investment's program manager and in consultation with the Federal CIO, for major IT investments that have been designated as high risk for four consecutive quarters, as prescribed by FITARA, including identifying (1) the root causes of the high level of risk of the investment; (2) the extent to which these causes can be addressed (e.g., action items and due dates); and (3) the probability of future success (e.g., outcomes). (Recommendation 43)
Open
When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

COVID-19 Relief: SBA and DOL Should Improve Processes to Identify and Recover Overpayments

Show
2 Open Recommendations
Agency Affected Recommendation Status
Small Business Administration The Administrator of SBA should ensure that the Office of Capital Access expands and documents SBA's overpayment identification and recovery process for the PPP and COVID-19 EIDL program, as well as future programs, to include clear, formalized procedures for tracking all identified overpayments and subsequent recoveries. (Recommendation 3)
Open
When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
Small Business Administration The Administrator of SBA should ensure that the Office of Capital Access expands and documents loan review processes for the PPP and COVID-19 EIDL program and how loans are reviewed to identify overpayments. (Recommendation 1)
Open
When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

COVID-19 Relief: SBA and DOL Should Improve Processes to Identify and Recover Overpayments

Show
1 Open Recommendations
Agency Affected Recommendation Status
Small Business Administration The Administrator of SBA should ensure that the Office of Capital Access expands and documents the PPP guarantee purchase process to ensure that—prior to purchase approval—SBA has collected sufficient documentation to verify that lenders complied with program requirements. (Recommendation 2)
Open
When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

IT Modernization: SBA Urgently Needs to Address Risks on Newly Deployed System

Show
4 Open Recommendations
Agency Affected Recommendation Status
Small Business Administration The Administrator of SBA should direct the Chief Information Officer to establish and implement policies and procedures to ensure that parameters to categorize or analyze risks are clearly defined at the project level for IT modernization projects. (Recommendation 5)
Open
When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
Small Business Administration The Administrator of SBA should direct the Chief Information Officer to establish and implement policies and procedures to ensure that IT system acquisition plans and strategic plans for IT modernization projects contain all the information needed to manage cybersecurity risks, including how such risks will be managed, security milestones, how assets will be protected at a program or project level, and security-relevant criteria for selecting suppliers. (Recommendation 10)
Open
When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
Small Business Administration The Administrator of SBA should direct the Chief Information Officer to establish and implement policies and procedures to ensure that risks are evaluated, categorized and prioritized using defined parameters, and also to ensure that project risk mitigation plans are developed for IT modernization projects. (Recommendation 8)
Open
When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
Small Business Administration The Administrator of SBA should direct the Chief Information Officer to establish and implement policies and procedures to ensure that integrated master schedules are developed for IT modernization projects using leading practices described in GAO's Schedule Assessment Guide. (Recommendation 13)
Open
When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

IT Modernization: SBA Urgently Needs to Address Risks on Newly Deployed System

Show
1 Open Recommendations
Agency Affected Recommendation Status
Small Business Administration The Administrator of SBA should direct the Chief Information Officer to consider the probability and impact of accepted UCP deployment risks if deciding to issue a final authorization to operate for the system. (Recommendation 3)
Open
When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.