GAO: DOD Needs Data Strategies to Improve IT Acquisition Monitoring

GAO: DOD Needs Data Strategies to Improve IT Acquisition Monitoring

The Government Accountability Office (GAO) has called on the Department of Defense (DOD) to revisit its chief information officer risk ratings, improve data collection initiatives and develop data strategies for its business systems and software acquisition pathways to help enhance acquisition monitoring.

GAO made the recommendations after it found that DOD lacked data strategies and had not yet completed metrics for two acquisition pathways as of this February, according to a report published Wednesday.

“Without important data from acquisition pathways and systems, DOD risks not having timely quantitative insight into program performance, including its acquisition reform efforts,” the GAO report reads.

The congressional watchdog found that the Pentagon has initiated measures to improve the transparency and sharing of data it uses for acquisition monitoring and has made policy and organizational changes to enhance its information technology acquisition management. Some of these changes are improving data transparency and implementing Agile software development.

“As of December 2020, program officials for the 22 major DOD business IT programs that were actively developing software reported using approaches that may help to limit cost and schedule risks,” the report states.

These approaches include implementing continuous iterative software development, developing a cybersecurity strategy and conducting developmental cybersecurity testing.

You may also be interested in...


DHS, NIST List Goals for Cyber Best Practices

The Department of Homeland Security (DHS) and the National Institutes of Standards and Technology (NIST) have jointly classified cybersecurity practices into nine categories as bases for cyber performance goals. The nine categories each have specific objectives with regard to how secure control systems are operated and deployed, NIST said Thursday.