GAO'S 2015 High-Risk Series: An Update
Highlights
What GAO Found
Solid, steady progress has been made in the vast majority of the high-risk areas. Eighteen of the 30 areas on the 2013 list at least partially met all of the criteria for removal from the high risk list. Of those, 11 met at least one of the criteria for removal and partially met all others. Sufficient progress was made to narrow the scope of two high-risk issues—Protecting Public Health through Enhanced Oversight of Medical Products and DOD Contract Management. Overall, progress has been possible through the concerted actions of Congress, leadership and staff in agencies, and the Office of Management and Budget.
This year GAO is adding 2 areas, bringing the total to 32.
Managing Risks and Improving Veterans Affairs (VA) Health Care. GAO has reported since 2000 about VA facilities' failure to provide timely health care. In some cases, these delays or VA's failure to provide care at all have reportedly harmed veterans. Although VA has taken actions to address some GAO recommendations, more than 100 of GAO's recommendations have not been fully addressed, including recommendations related to the following areas: (1) ambiguous policies and inconsistent processes, (2) inadequate oversight and accountability, (3) information technology challenges, (4) inadequate training for VA staff, and (5) unclear resource needs and allocation priorities. The recently enacted Veterans Access, Choice, and Accountability Act included provisions to help VA address systemic weaknesses. VA must effectively implement the act.
Improving the Management of Information Technology (IT) Acquisitions and Operations. Congress has passed legislation and the administration has undertaken numerous initiatives to better manage IT investments. Nonetheless, federal IT investments too frequently fail to be completed or incur cost overruns and schedule slippages while contributing little to mission-related outcomes. GAO has found that the federal government spent billions of dollars on failed and poorly performing IT investments which often suffered from ineffective management, such as project planning, requirements definition, and program oversight and governance. Over the past 5 years, GAO made more than 730 recommendations; however, only about 23 percent had been fully implemented as of January 2015.
GAO is also expanding two areas due to evolving high-risk issues.
- Enforcement of Tax Laws. This area is expanded to include IRS's efforts to address tax refund fraud due to identify theft. IRS estimates it paid out $5.8 billion (the exact number is uncertain) in fraudulent refunds in tax year 2013 due to identity theft. This occurs when a thief files a fraudulent return using a legitimate taxpayer's identifying information and claims a refund.
- Ensuring the Security of Federal Information Systems and Cyber Critical Infrastructure and Protecting the Privacy of Personally Identifiable Information (PII). This risk area is expanded because of the challenges to ensuring the privacy of personally identifiable information posed by advances in technology. These advances have allowed both government and private sector entities to collect and process extensive amounts of PII more effectively. The number of reported security incidents involving PII at federal agencies has increased dramatically in recent years.
Why GAO Did This Study
The federal government is one of the world's largest and most complex entities; about $3.5 trillion in outlays in fiscal year 2014 funded a broad array of programs and operations. GAO maintains a program to focus attention on government operations that it identifies as high risk due to their greater vulnerabilities to fraud, waste, abuse, and mismanagement or the need for transformation to address economy, efficiency, or effectiveness challenges.
Since 1990, more than one-third of the areas previously designated as high risk have been removed from the list because sufficient progress was made in addressing the problems identified. The five criteria for removal are: (1) leadership commitment, (2) agency capacity, (3) an action plan, (4) monitoring efforts, and (5) demonstrated progress.
This biennial update describes the status of high-risk areas listed in 2013 and identifies new high-risk areas needing attention by Congress and the executive branch. Solutions to high-risk problems offer the potential to save billions of dollars, improve service to the public, and strengthen government performance and accountability.
Recommendations
This report contains GAO's views on progress made and what remains to be done to bring about lasting solutions for each high-risk area. Perseverance by the executive branch in implementing GAO's recommended solutions and continued oversight and action by Congress are essential to achieving greater progress.
GAO's 2015 High Risk List
Strengthening the Foundation for Efficiency and Effectiveness |
Limiting the Federal Government's Fiscal Exposure by Better Managing Climate Change Risks |
Management of Federal Oil and Gas Resources |
Modernizing the U.S. Financial Regulatory System and the Federal Role in Housing Financea |
Restructuring the U.S. Postal Service to Achieve Sustainable Financial Viabilitya |
Funding the Nation's Surface Transportation Systema |
Strategic Human Capital Management |
Managing Federal Real Property |
Improving the Management of IT Acquisitions and Operations (new) |
Transforming DOD Program Management |
DOD Approach to Business Transformation |
DOD Business Systems Modernization |
DOD Support Infrastructure Managementa |
DOD Financial Management |
DOD Supply Chain Management |
DOD Weapon Systems Acquisition |
Ensuring Public Safety and Security |
Mitigating Gaps in Weather Satellite Data |
Strengthening Department of Homeland Security Management Functions |
Establishing Effective Mechanisms for Sharing and Managing Terrorism-Related Information to Protect the Homeland |
Ensuring the Security of Federal Information Systems and Cyber Critical Infrastructure and Protecting the Privacy of Personally Identifiable Informationa |
Ensuring the Effective Protection of Technologies Critical to U.S. National Security Interestsa |
Improving Federal Oversight of Food Safetya |
Protecting Public Health through Enhanced Oversight of Medical Products |
Transforming EPA's Processes for Assessing and Controlling Toxic Chemicalsa |
Managing Federal Contracting More Effectively |
DOD Contract Management |
DOE's Contract Management for the National Nuclear Security Administration and Office of Environmental Management |
NASA Acquisition Management |
Assessing the Efficiency and Effectiveness of Tax Law Administration |
Enforcement of Tax Lawsa |
Modernizing and Safeguarding Insurance and Benefit Programs |
Managing Risks and Improving VA Health Care (new) |
Improving and Modernizing Federal Disability Programs |
Pension Benefit Guaranty Corporation Insurance Programsa |
Medicare Programa |
Medicaid Programa |
National Flood Insurance Programa |
Source: GAO. | GAO-15-371T
aLegislation is likely to be necessary to effectively address this high-risk area.