The Government Accountability Office has called on the Department of Homeland Security to ensure that its methods to identify, classify and code cybersecurity job vacancies and responsibilities are complete and timely.
GAO said in a report published Tuesday that DHS has not reported to the Office of Personnel Management its critical cybersecurity needs on an annual basis and has not created any plans for reporting such needs with specific time frames.
The submission of such annual reports to OPM is mandated under the Homeland Security Cybersecurity Workforce Assessment Act of 2014.
The department has not identified and informed Congress about its critical cyber requirements in specialty areas and has not yet concluded its work to determine cyber-related posts and assign codes to all vacant and filled cyber positions.
GAO noted the lack of complete procedures for identifying cybersecurity position vacancies would hamper DHS’ efforts to determine its skills gap, build up its workforce planning and better examine its cyber workforce.
“Further, until DHS establishes plans and time frames for reporting on its critical needs, the department may not be able to ensure that it has the necessary cybersecurity personnel to help protect the department’s and the nation’s federal networks and critical infrastructure from cyber threats,” GAO added.