Home / News / GAO: Agencies Should Apply Risk Mgmt, Cybersecurity Practices

GAO: Agencies Should Apply Risk Mgmt, Cybersecurity Practices

Jeff Brody

The Government Accountability Office has listed 58 recommendations to help agencies implement key practices in their respective risk management and cybersecurity initiatives. The recommendations include coordination with the secretary of the Department of Homeland Security, development of a risk management process document, facilitation of organization-wide security assessments and modernization of risk evaluation policies, GAO said in a report published Thursday

GAO found that while 22 agencies have assigned cybersecurity risk executives, none of them were able to integrate risk management and security processes to their programs. Additionally, GAO noted a number of gaps in creating risk management programs including employee retention, lack of quality risk data and non-consistency in applying security policies.

The agency also reported that DHS and the Office of Management and Budget did not address management gaps amid an issued executive order in 2017. GAO conducted the review to secure federal agencies' data from potential cyberattacks.

Check Also

Navy Chief Adm. Michael Gilday Asks for Higher Budget to Pursue Plans

Adm. Michael Gilday, chief of naval operations, said the U.S. Navy needs a higher budget to comply with the Trump administration's demands, Defense News reported Tuesday. He said at the Surface Navy Association's annual symposium that the service branch's Columbia-class submarine program has been taking too much a percentage of the budget.