Chief Information Officer Open Recommendations: Social Security Administration

What GAO Found

In July 2025, GAO identified 11 recommendations under the purview of the Social Security Administration's Chief Information Officers (CIO) from previously issued work. Each of these recommendations relates to a GAO High-Risk area: (1) Ensuring the Cybersecurity of the Nation or (2) Improving IT Acquisitions and Management. In addition, GAO has designated one of the 11 as a priority recommendation.

For example, GAO previously recommended that the Social Security Administration fully implement event logging requirements to detect, investigate, and remediate cyber threats. GAO also recommended that the agency implement procedures for comparing its inventories of active software licenses to purchased licenses to identify opportunities to reduce cost and improve investment decisions. The CIOs' continued attention to these recommendations will help ensure the secure and effective use of IT at the agency.

Why GAO Did This Study

CIO open recommendations are outstanding GAO recommendations that warrant the attention of agency CIOs because their implementation could significantly improve government IT operations by securing IT systems, identifying cost savings, improving major government programs, eliminating mismanagement of IT programs and processes, or ensuring that IT programs comply with laws, among others.

For more information, contact Nick Marinos at marinosn@gao.gov.