Chief Information Officer Open Recommendations: Department of Defense

What GAO Found

In May 2025, GAO identified 54 open recommendations under the purview of the Department of Defense's (DOD) Chief Information Officer (CIO), including seven that are directed to component-level CIOs, from previously issued work. Each of these recommendations relates to a GAO High-Risk area: (1) Ensuring the Cybersecurity of the Nation, (2) Improving IT Acquisitions and Management, (3) DOD Business Systems Modernization, and (4) DOD Financial Management. In addition, GAO has designated four of the 54 as priority recommendations.

For example, GAO previously recommended that DOD assess whether senior leadership has sufficient information to make risk-based decisions, including on the implementation progress of cybersecurity initiatives. Further, GAO recommended that DOD take steps to implement planned software modernization and acquisition reforms. GAO also previously recommended that the department establish a road map to document current and future states of financial management systems as well as gaps, resource requirements, and planned solutions. The CIO's continued attention to these recommendations will help ensure the secure and effective use of IT at the department.

Why GAO Did This Study

CIO open recommendations are outstanding GAO recommendations that warrant the attention of agency CIOs because their implementation could significantly improve government IT operations by securing IT systems, identifying cost savings, improving major government programs, eliminating mismanagement of IT programs and processes, or ensuring that IT programs comply with laws, among others.

For more information, contact Nicholas Marinos at marinosn@gao.gov.