The Government Accountability Office has urged agency chief information officers to frequently update their ratings for agency information technology investments on the web-based Federal IT Dashboard system.
GAO said Thursday it conducted a performance audit on 95 federal IT programs that were active from April 2015 to June 2016 at 17 agencies and compared CIO rating processes to guidance established by the Office of Management and Budget.
Auditors found 40 of CIO-issued ratings for assessed investments were not updated at the time of audit and that the rating processes of seven agencies did not factor active risks.
“GAO’s assessments generally showed more risk than the associated CIO ratings,” the agency noted.
“In particular, of the 95 investments assessed, GAO’s assessments matched the CIO ratings 22 times, showed more risk 60 times, and showed less risk 13 times.”
GAO added the agencies’ risk rating processes understate the level of risk, increasing the probability that key federal IT investments do not receive adequate oversight.
The government watchdog recommended that agency CIOs factor active risks into the ratings they post on dashboard.