Executive Gov
  • Home
  • Acquisition & Procurement
  • Agencies
    • DoD
    • Intelligence
    • DHS
    • Civilian
    • Space
  • Cybersecurity
  • Technology
  • Awards
  • News
  • About
  • Wash100
  • Contact Us
    • Advertising
    • Submit your news
No Result
View All Result
Executive Gov
  • Home
  • Acquisition & Procurement
  • Agencies
    • DoD
    • Intelligence
    • DHS
    • Civilian
    • Space
  • Cybersecurity
  • Technology
  • Awards
  • News
  • About
  • Wash100
  • Contact Us
    • Advertising
    • Submit your news
No Result
View All Result
Executive Gov
No Result
View All Result
Home Civilian

GAO Recommends Full Implementation of Risk Management Processes at NASA

by Kristen Smith
June 30, 2025
in Civilian, Cybersecurity, News
GAO evaluates NASA's cybersecurity risk management program implementation.

GAO releases report on NASA's cybersecurity risk management program implementation.

A recent report from the Government Accountability Office reveals that NASA completed some cybersecurity tasks for its major projects, but did not fully execute key elements of its cybersecurity risk management program. 

Table of Contents

    • You might also like
    • DOE Names New Members to Secretary of Energy Advisory Board
    • TMF Seeks Proposals for Federal AI, Permitting Modernization Projects
    • Space Force, Parabilis Complete DOTS Propulsion Hot Fire Test
  • NASA to Invest $80B in Space Exploration Projects

You might also like

DOE Names New Members to Secretary of Energy Advisory Board

TMF Seeks Proposals for Federal AI, Permitting Modernization Projects

Space Force, Parabilis Complete DOTS Propulsion Hot Fire Test

The report, released on Wednesday, is based on GAO’s evaluation of NASA’s cybersecurity policies and risk management processes for four selected systems. According to the government watchdog, the space agency has yet to conduct an organization-wide risk assessment, a vital step for identifying and mitigating high-priority cyber threats across its systems.

GAO also found that selected NASA systems did not document system-level continuous monitoring strategies due to the lack of guidance on how to do so. “Without documented strategies that are fully understood by key cyber personnel, organizations face increased risks of data breaches, delayed detection of threats, and slower responses to attacks,” the report said. 

The space agency’s cybersecurity risk management program follows guidelines from the National Institute of Standards and Technology, which outlines seven key steps for risk management: prepare, categorize systems, select controls, implement controls, assess control implementation, authorize systems, and continuously monitor security controls. The report found that while NASA had partially or fully implemented most steps, important activities within these steps remained incomplete.

NASA to Invest $80B in Space Exploration Projects

GAO said a comprehensive cybersecurity risk management program is critical to protecting NASA’s systems and information, particularly as the agency plans to invest $80 billion in developing spacecraft and systems for exploring the Earth, the moon and the solar system.

GAO issued 16 recommendations for NASA to address cybersecurity weaknesses. Among the key recommendations are conducting an organization-wide risk assessment, improving the documentation of control assessments, and ensuring that critical controls are properly applied and monitored.

NASA concurred with seven recommendations, partially concurred with four recommendations, and did not concur with the remaining five recommendations.

Stay connected via Google News
Follow us for the latest travel updates and guides.
Add as preferred source on Google
Share5Tweet19

Recommended For You

DOE Names New Members to Secretary of Energy Advisory Board

by Jane Edwards
July 10, 2026
Department of Energy seal. DOE has named 20 new members to the Secretary of Energy Advisory Board.

20 industry and research leaders have joined DOE's advisory boardMembers will serve two-year terms through May 2028Explore AI, cybersecurity and other agency modernization priorities at the 2026 FedCiv...

Read moreDetails

TMF Seeks Proposals for Federal AI, Permitting Modernization Projects

by Jane Edwards
July 10, 2026
Technology Modernization Fund logo. TMF seeks proposals for permitting technology modernization and federal AI adoption.

Two TMF proposal calls focus on permitting and AIProject submissions close July 24Explore AI and federal modernization priorities at the 2026 FedCiv SummitThe Technology Modernization Fund has launched...

Read moreDetails

Space Force, Parabilis Complete DOTS Propulsion Hot Fire Test

by Jane Edwards
July 10, 2026
U.S. Space Force seal. The Space Force and Parabilis have completed a hot fire test of the DOTS CubeSat propulsion prototype.

DOTS is a 2U-scale hybrid propulsion system for CubeSatsThe propulsion prototype exceeded program objectivesThe 2026 Air and Space Summit will examine AI, Golden Dome and network modernizationThe U.S....

Read moreDetails

VA OIG Finds Security Gaps in Veterans’ Patient Advocate Tracking System

by Miles Jamison
July 10, 2026
VA OIG seal. The VA's inspector general found that the Patient Advocate Tracking System-Replacement's security was lacking.

The watchdog found weaknesses in PATS-R safeguards that exposed sensitive veteran informationAuditors identified gaps in system classification, access management and privacy documentationMany users said they did not realize...

Read moreDetails

White House CEQ Names Innovators for Inaugural Permitting Technology Expo

by Miles Jamison
July 10, 2026
White House. CEQ revealed the technology innovators that will demonstrate the tools to modernize reviews and permitting.

CEQ selected technology innovators to demonstrate permitting modernization tools at a July 31 expoAn expert panel evaluated submissions against technology priorities outlined in the Permitting Technology Action PlanThe...

Read moreDetails
Sign Up For Our Newsletter
Subscribe to our mailing list to receives daily updates direct to your inbox!
Invalid email address
Your privacy is guranteed.
Thanks for subscribing!

Sponsors

About ExecutiveGov

ExecutiveGov, published by Executive Mosaic, is a site dedicated to the news and headlines in the federal government. ExecutiveGov serves as a news source for the hot topics and issues facing federal government departments and agencies such as Gov 2.0, cybersecurity policy, health IT, green IT and national security. We also aim to spotlight various federal government employees and interview key government executives whose impact resonates beyond their agency.

CATEGORIES

  • Acquisition & Procurement
  • Announcements
  • Articles
  • Artificial Intelligence
  • Awards
  • Big Data & Analytics News
  • C4ISR
  • Civilian
  • Cloud
  • Contract Awards
  • Cybersecurity
  • Defense And Intelligence
  • Defense Security Cooperation
  • DHS
  • Digital Assets
  • Digital Modernization
  • DoD
  • Events
  • Executive Moves
  • Executive Spotlights
  • Federal Civilian
  • Financial Reports
  • Foreign Military Sales
  • General News
  • GovCon Expert
  • Government Cloud
  • Government Technology
  • GSA
  • Healthcare IT
  • Industry News
  • Intelligence
  • Legislation
  • M&A Activity
  • National Security
  • News
  • Policy Updates
  • Press Releases
  • Profiles
  • Space
  • Videos
  • Wash100
Sign Up For Our Newsletter
Subscribe to our mailing list to receives daily updates direct to your inbox!
Invalid email address
Your privacy is guranteed.
Thanks for subscribing!

Copyright 2026 Executive Mosaic. All Rights Reserved. Site Archive

No Result
View All Result
  • Home
  • Acquisition & Procurement
  • Agencies
    • DoD
    • Intelligence
    • DHS
    • Civilian
    • Space
  • Cybersecurity
  • Technology
  • Awards
  • News
  • About
  • Wash100
  • Contact Us
    • Advertising
    • Submit your news

Copyright 2026 Executive Mosaic. All Rights Reserved. Site Archive

Get your free GovCon news!

Get your latest GovCon news and insights. Become a VIP and subscribe to the GovConWire Daily News.

Invalid email address
We promise not to spam you. You can unsubscribe at any time.
Thanks for subscribing!