Subscribe: GAO Reports
Added By: Feedage Forager Feedage Grade B rated
Language: English
agencies  cms  data  dod  federal  gao found  gao  guidance  information  officials  program  requirements  review  states 
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: GAO Reports

GAO Reports

Reports News from the GAO

Last Build Date: Sat, 20 Jan 2018 00:54:54 -0500


GAO-18-342T, Offshore Seismic Surveys: Additional Guidance Needed to Help Ensure Timely Reviews, January 19, 2018

Fri, 19 Jan 2018 12:00:00 -0500

What GAO Found The Department of the Interior's Bureau of Ocean Energy Management's (BOEM) process and time frames for reviewing seismic survey applications differ by region along the Outer Continental Shelf (OCS). From 2011 through 2016, BOEM reviewed 297 applications and issued 264 seismic survey permits, and the reviews' time frames differed by region (see table). As part of the process, BOEM may require approved "incidental take" authorizations from the Department of Commerce's National Marine Fisheries Service (NMFS) or Interior's U.S. Fish and Wildlife Service (FWS), given the possibility such surveys may disturb or injure marine mammals. BOEM does not have statutory review time frame requirements for issuing permits, and officials said the agency starts its formal review once it determines that an application is complete. In some cases, the agency issued a permit on the same day it determined an application was complete. BOEM's Seismic Survey Permits Issued from 2011 through 2016 OCS region Permits issued How many days review took Alaska 8 35-200 Atlantic 6 0-340 Gulf of Mexico 250 0-287 Source: GAO analysis of BOEM data. ׀ GAO-18-60 NMFS and FWS follow a similar general process for reviewing incidental take authorization applications related to seismic survey activities . From 2011 through 2016, NMFS and FWS reviewed 35 and approved 28 such applications across the three OCS regions , including some authorizations related to BOEM permits as well as research seismic surveys not associated with BOEM permit s. NMFS was unable to provide accurate data for the dates the agenc y determines an application is adequate and complete --and FWS does not record this date. For example, based on GAO's review of NMFS data, in at least two cases, the date NMFS recorded the application had been determined adequate and complete was after the date when the proposed authorization was published in the Federal Register . Federal internal control standards call for agencies to use quality informati on. Without guidance on how to accurately record review dates , agencies and applicants will continue to have uncertainty around review time frames. Further, under the Marine Mammal Protection Act, the agencies are to review one type of incidental take auth orization application--incidental harassment authorization applications --within 120 days of receiving an application for such authorization s. NMFS and FWS have not conducted an analysis of their review time frames. Not conducting such an analysis is inconsis tent with federal internal control standards that call for agency management to design control activities to achieve objectives and respond to risks . Without analyzing the review time frames for incidental harassment authorization applications and compar ing them to statutory review time frame s, NMFS and FWS are unable to determine whether they are meeting their objectives to complet e reviews in the 120 -day statutory time frame. Why GAO Did This Study This testimony summarizes the information contained in GAO's December 2017 report, entitled Offshore Seismic Surveys: Additional Guidance Needed to Help Ensure Timely Reviews (GAO-18-60). For more information, contact Jon Ludwigson at (303) 572-7309, or  

GAO-18-208, VA Health IT Modernization: Historical Perspective on Prior Contracts and Update on Plans for New Initiative, January 18, 2018

Thu, 18 Jan 2018 12:00:00 -0500

What GAO Found The Department of Veterans Affairs (VA) has, since 2001, pursued four separate initiatives to modernize its health information system—the Veterans Health Information Systems and Technology Architecture (VistA). These efforts—HealtheVet, the integrated Electronic Health Record (iEHR), VistA Evolution, and the Electronic Health Record Modernization (EHRM)—reflect varying approaches that the department has considered to achieve a modernized health system over the course of nearly two decades (see figure). This latest effort, the EHRM program, is to include the adoption of the same commercial electronic health record system that the Department of Defense is in the process of acquiring. VA obligated about $1.1 billion to 138 different contractors that worked on iEHR and VistA Evolution (the two efforts for which VA could provide contract data) during fiscal years 2011 through 2016. Funding for the 34 contractors that worked on both efforts totaled about $793 million of the $1.1 billion obligated for contracts on the two initiatives. The top 15 of the contractors that worked on the two efforts (key contractors) accounted for approximately $741 million—$411 million for the development of new system capabilities, $256 million for project management activities, and $74 million for operations and maintenance for iEHR and VistA Evolution. VA has begun planning for the transition from VistA Evolution to EHRM. However, the department is still early in its efforts and has begun developing plans that are intended to guide the new EHRM program. According to the EHRM Executive Director, the department intends to complete development of its plans for EHRM within 90 days after awarding the contract for its new system, which is planned to occur in early 2018. VA has also begun to staff the EHRM program's leadership positions. The department's dedication to completing and effectively executing the planning activities that it has identified will be essential to helping minimize program risks and expeditiously guide this latest electronic health record modernization initiative to a successful outcome—which VA, for almost two decades, has been unable to achieve. Timeline of Four Efforts to Modernize VistA Why GAO Did This Study VA operates the largest health care delivery system in America and VistA is essential to helping deliver the health care services and ensure the quality of health care received by the nation's veterans and their dependents. The system has been in operation for more than 30 years, is costly to maintain, and does not readily support VA's need to electronically exchange health records with the Department of Defense and private health care providers. VA has pursued initiatives to modernize VistA, using government contractors to support its efforts. In June 2017, VA announced a new effort to purchase a commercial solution to replace VistA. GAO was requested to review VA's prior and current efforts to modernize VistA. This review determined (1) VA's efforts to modernize VistA, including key contractors, contract costs, and expected contractor activities and (2) VA's current plans for modernizing VistA and the progress that has been achieved to date. To conduct its study, GAO reviewed VA documentation and its prior work and requested and obtained data on contracts, related obligations, and expected contractor activities for previous efforts. GAO also obtained documentation on plans for VA's current modernization efforts and progress made on the efforts, and interviewed VA officials. GAO has made recommendations to VA aimed at improving its prior modernization efforts. The department concurred with the recommendations and generally took responsive actions. GAO is making no recommendations at this time. VA provided technical comments on this report, which were incorporated as appropriate. For more information, contact David A. Powner at (202) 512-9286 or

GAO-18-177, Homeland Defense: Urgent Need for DOD and FAA to Address Risks and Improve Planning for Technology That Tracks Military Aircraft, January 18, 2018

Thu, 18 Jan 2018 12:00:00 -0500

What GAO Found Since 2008, the Department of Defense (DOD) and the Department of Transportation's Federal Aviation Administration (FAA) have identified a variety of risks related to Automatic Dependent Surveillance-Broadcast (ADS-B) Out technology that could adversely affect DOD security and missions. However, they have not approved any solutions to address these risks. Compared with other tracking technology, ADS-B Out provides more information, such as an aircraft's precise location, velocity, and airframe dimensions, and better enables real-time and historical flight tracking. Individuals—including adversaries—could track military aircraft equipped with ADS-B Out technology, presenting risks to physical security and operations. This readily available public information allowed GAO to track various kinds of military aircraft. ADS-B Out is also vulnerable to electronic warfare and cyber-attacks. Since FAA is planning to divest radars as part of ADS-B implementation, homeland defense could also be at risk, since the North American Aerospace Defense Command relies on information from FAA radars to monitor air traffic. DOD and FAA have drafted a memorandum of agreement that focuses on equipping aircraft with ADS-B Out but does not address specific security risks. Unless DOD and FAA focus on these risks and approve one or more solutions in a timely manner, they may not have time to plan and execute actions that may be needed before January 1, 2020—when all aircraft are required to be equipped with ADS-B Out technology. Of the eight tasks associated with the implementation of ADS-B Out technology in the 2007 DOD NextGen memorandum—issued by the Deputy Secretary of Defense to ensure that the NextGen vision for the future national airspace system met DOD's requirements and the appropriate management of DOD's resources—DOD has implemented two, has partially implemented four, and has not implemented two. DOD has established a joint program office and identified a lead service, but it has only partially validated ADS-B Out requirements, developed a directive, issued an implementation plan, and incorporated NextGen into the planning, budgeting, and programming process. DOD has not taken significant action to integrate the needs and requirements of DOD components related to ADS-B into cohesive plans and policies for inclusion in NextGen joint planning and development, and has not provided periodic and recurring NextGen progress reports to the Deputy Secretary of Defense. As a result of DOD not fully implementing the 2007 NextGen memorandum, DOD components have lacked direction and cohesion while trying to address FAA's requirement to equip military aircraft. This is a public version of a classified report GAO issued in January 2018. Why GAO Did This Study DOD has until January 1, 2020, to equip its aircraft with ADS-B Out technology that would provide DOD, FAA, and private citizens the ability to track their flights in real-time and track flight patterns over time. This technology is a component of NextGen, a broader FAA initiative that seeks to modernize the current radar-driven, ground-based air transportation system into a satellite-driven space-based system. Senate Report 114-255 included a provision for GAO to assess the national defense implications of FAA's implementation of ADS-B. This report assesses the extent to which (1) DOD and FAA have identified operations and security risks and approved solutions to address these risks to ADS-B Out -equipped military aircraft; and (2) DOD has implemented key tasks in the 2007 memorandum on implementing NextGen. GAO analyzed risks identified by DOD and FAA related to ADS-B vulnerabilities, and how they could affect current and future air defense and air traffic missions. GAO also reviewed the tasks in the 2007 NextGen Memorandum and assessed whether the eight tasks specifically related to ADS-B were implemented. What GAO Recommends GAO is recommending that DOD and FAA approve one or more solutions to[...]

GAO-18-329T, VA Construction: Actions Taken to Improve Denver Medical Center and Other Large Projects' Cost Estimates and Schedules, January 17, 2018

Wed, 17 Jan 2018 12:00:00 -0500

What GAO Found The Department of Veterans Affairs (VA) is taking actions to implement GAO's 2017 recommendations related to project management, as described below. However, in some cases VA has yet to fully implement these actions. Change orders: In 2017, GAO found that VA did not track: (1) how long it took for change orders—changes in a project's design—to be approved and whether that amount of time met VA's guidelines, or (2) the reasons for those changes. Since then, however, VA has started tracking the time frames. Additionally, VA told GAO it is tracking the reasons for those changes as well as developing guidance on how to use this information and agreed to provide documentation. This step does not affect change orders for the Denver project (see photograph), which is managed by the U.S. Army Corps of Engineers (USACE) but, if fully implemented should improve VA's management of other projects. Cost Estimate for Activating Facility: In 2017, GAO found that the most recent cost estimate of $341 million for activating, or bringing the Denver Medical Center into full operation, had minimal supporting documentation. Although VA is improving its cost estimation process for activation in response to our recommendation, the Denver estimate does not yet meet or substantially meet the characteristics of a reliable activation cost estimate. Integrated Master Schedule: In 2017, GAO found that certain activities and milestones from Denver's construction and activation schedule were not aligned with its integrated master schedule—the schedule intended to link construction and activation activities. Without a fully integrated master schedule, VA could have encountered additional delays in completing the project. GAO recommended VA clarify its guidance on linking schedules. VA said it has since aligned its construction and activation schedules for the Denver project and agreed to provide GAO documentation. VA has clarified its guidance and is working with USACE to ensure this clarification occurs on other projects. Department of Veterans Affairs' Denver Medical Center Project Why GAO Did This Study VA and USACE are nearing completion of the Denver Medical Center, which is intended to improve health care to veterans in that region. This project has suffered from substantial cost increases and delays resulting not only from unforeseen circumstances but also from mismanagement. In response, Congress mandated that VA outsource management of certain projects costing $100 million or more. VA contracted with USACE to manage construction of the Denver project, among others. VA continues to manage other major construction projects. In March 2017, GAO reported on opportunities to improve the management of Denver and other VA construction projects. Specifically, GAO recommended that VA: (1) establish a mechanism to monitor change orders; (2) develop a reliable activation cost estimate for the Denver project, and (3) clarify policies on integrating schedules. VA concurred with our recommendations. This statement discusses, among other objectives, VA's actions to address these recommendations. The statement is based on GAO's March 2017 report (GAO-17-70), additional documentation VA provided to address GAO's recommendations, and selected updates on the Denver Medical Center as well as other major VA projects. For more information, contact Andrew Von Ah at (213) 830-1011 or

GAO-18-336T, Prescription Opioids: Medicare Should Expand Oversight Efforts to Reduce the Risk of Harm, January 17, 2017

Wed, 17 Jan 2018 12:00:00 -0500

What GAO Found The Centers for Medicare & Medicaid Services (CMS), within the Department of Health and Human Services (HHS), provides guidance on the monitoring of Medicare beneficiaries who receive opioid prescriptions to plan sponsors—private organizations that implement the Medicare drug benefit, Part D—but lacks information on most beneficiaries at risk of harm from opioid use. CMS provides guidance to plan sponsors on how they should monitor opioid overutilization among Medicare Part D beneficiaries, and requires them to implement drug utilization review systems that use criteria similar to CMS's. CMS's criteria focused on beneficiaries who do all the following: (1) receive prescriptions of high doses of opioids, (2) receive prescriptions from four or more providers, and (3) fill prescriptions at four or more pharmacies. According to CMS, this approach focused actions on beneficiaries the agency determined to have the highest risk of harm. CMS's criteria, including recent revisions, do not provide sufficient information about the larger population of potentially at-risk beneficiaries. CMS estimates that while 33,223 beneficiaries would have met the revised criteria in 2015, 727,016 would have received high doses of opioids regardless of the number of providers or pharmacies. In 2016, CMS began to collect information on some of these beneficiaries using a higher dosage threshold for opioid use. This approach misses some who could be at risk of harm, based on Centers for Disease Control and Prevention guidelines. As a result, CMS is limited in its ability to assess progress toward meeting the broader goals of its Opioid Misuse Strategy for the Medicare and Medicaid programs, which includes activities to reduce the risk of harm to beneficiaries from opioid use. CMS Estimates of 2015 Part D Beneficiaries with High Opioid Doses and Those Who Would Have Met Revised Overutilization Monitoring Criteria CMS oversees the prescribing of drugs at high risk of abuse through a variety of projects, but does not analyze data specifically on opioids. According to CMS officials, CMS and plan sponsors identify providers who prescribe large amounts of drugs with a high risk of abuse, and those suspected of fraud or abuse may be referred to law enforcement. However, GAO found that CMS does not identify providers who may be inappropriately prescribing large amounts of opioids separately from other drugs, and does not require plan sponsors to report actions they take when they identify such providers. As a result, CMS is lacking information that it could use to assess how opioid prescribing patterns are changing over time, and whether its efforts to reduce harm are effective. Why GAO Did This Study Misuse of prescription opioids can lead to overdose and death. In 2016, over 14 million Medicare Part D beneficiaries received opioid prescriptions, and spending for opioids was almost $4.1 billion. GAO and others have reported on inappropriate activities and risks associated with these prescriptions. This statement is based on GAO's October 2017 report (GAO-18-15) and discusses (1) CMS oversight of beneficiaries who receive opioid prescriptions under Part D, and (2) CMS oversight of providers who prescribe opioids to Medicare Part D beneficiaries. For the October 2017 report, GAO reviewed CMS opioid utilization and prescriber data, CMS guidance for plan sponsors, and CMS's strategy to prevent opioid misuse. GAO also interviewed CMS officials, the six largest Part D plan sponsors, and 12 national associations selected to represent insurance plans, pharmacy benefit managers, physicians, patients, and regulatory and law enforcement authorities. What GAO Recommends In the October 2017 report, GAO made three recommendations that CMS (1) gather information on the full number of at-risk beneficiaries receiving high doses of opioids, (2) identify providers who prescribe high amounts of opioids, and (3) require [...]

GAO-18-317T, NASA Commercial Crew Program: Continued Delays Pose Risks for Uninterrupted Access to the International Space Station, January 17, 2018

Wed, 17 Jan 2018 12:00:00 -0500

What GAO Found Both Boeing and Space Exploration Technologies (SpaceX) are making progress toward their goal of being able to transport American astronauts to and from the International Space Station (ISS). However, both continue to experience schedule delays. Such delays could jeopardize the ability of the National Aeronautics and Space Administration's (NASA) Commercial Crew Program to certify either company's option—that is, to ensure that either option meets NASA standards for human spaceflight—before the seats the agency has contracted for on Russia's Soyuz spacecraft run out in 2019. (See figure.) Commercial Crew Program: SpaceX and Boeing's Certification Delays GAO's ongoing work has identified three key risks, which are consistent with challenges reported in February 2017 that could further delay certification of each contractor's crew transportation system: Aggressive schedules —NASA, Boeing, SpaceX, and independent review bodies have all noted that the contractors' schedule plans are aggressive. The anticipated schedule risks have since materialized. Programmatic and safety risks —SpaceX and Boeing are addressing technical risks, which is not uncommon for NASA projects as they often push the state of the art in space technology. In addition, the contractors' systems must meet a standard for crew safety. Additional work remains to determine whether the contractors will meet this requirement. Program office workload —Program officials told GAO that one of their greatest upcoming challenges will be to complete two oversight activities—conducting phased safety reviews and verifying that contractors meet requirements—concurrently. The program's ability to smooth its workload is limited, as the contractors generally control their development schedules. In February 2017, GAO found that proposed schedule changes could alleviate some overlap. Delays and uncertain final certification dates raise questions about whether the United States will have uninterrupted access to the ISS after 2019, and may lessen NASA's return on investment with the contractors. GAO will continue to assess the contractors' and program's progress. Why GAO Did This Study Since the Space Shuttle was retired in 2011, the United States has been relying on Russia to carry astronauts to and from the space station. NASA's Commercial Crew Program is facilitating private development of a domestic system to meet that need safely, reliably, and cost-effectively before the seats it has contracted for on a Russian spacecraft run out in 2019. In 2014, NASA awarded two firm-fixed-price contracts to Boeing and SpaceX worth a combined total of up to $6.8 billion to develop crew transportation systems and conduct initial missions to the space station. In February 2017, GAO found that both contractors had made progress, but their schedules were under mounting pressure. This statement provides preliminary observations on the extent to which the contractors and the program are making progress toward meeting NASA's standards for human spaceflight, a process called certification. This statement is based on ongoing work and information contained in GAO's February 2017 report on this program (GAO-17-137). To do this work, GAO analyzed contracts, schedules, and other documentation. What GAO Recommends GAO is not making any new recommendations. In February 2017, GAO recommended that NASA develop a contingency plan to maintain access to the ISS beyond 2018, when its contract with Russia for seats on the Soyuz was scheduled to end. NASA agreed with this recommendation and purchased Soyuz seats through 2019. For more information, contact Cristina T. Chaplain at (202) 512-4841 or

GAO-18-83, Medicare Part B: Medicare Represented at Least Half of the Market for 22 of the 84 Most Expensive Drugs in 2015, December 18, 2017

Wed, 17 Jan 2018 12:00:00 -0500

What GAO Found Medicare bases its payments for most Part B drugs on the average amount that individual purchasers such as physicians paid to manufacturers, net of discounts and rebates, called the average sales price (ASP). For most Part B drugs, Medicare sets the payment rate equal to the ASP plus an additional 6 percent. Medicare's market share—the percentage of total units of a drug sold that were provided to Medicare beneficiaries—is one of several factors that can affect the market price for drugs covered under Part B. By law, Medicare pays the ASP-based rate regardless of how high or low that rate may be, while a private insurer can respond to higher pricing by modifying coverage or eliminating a drug from its benefit package. Thus, when Medicare accounts for a large share of the market for a drug, a manufacturer may have less incentive to price the drug competitively. In 2015, Medicare's fee-for-service (FFS) program represented 50 percent or more of the market for 22 of the 84 most expensive Part B drugs GAO analyzed. These 22 drugs collectively represented $7.4 billion in spending—or about 30 percent of all Medicare spending on Part B drugs in 2015. Medicare's Market Share for 84 High-Expenditure Part B Drugs, 2015 Note: GAO defined Medicare's market share as the percentage of total units of a drug sold that were provided to beneficiaries in the Medicare fee-for-service program. Expenditures reflect the total amount spent by the Medicare fee-for-service program and its beneficiaries. Among the 22 drugs where Medicare represented the majority of the market, 18 had a single manufacturer. Single manufacturers—lacking direct competitors—may have greater ability to increase a drug's price without seeing sales decline. Why GAO Did This Study In 2015, Medicare spent about $26 billion on Part B drugs, including injectable drugs, and certain cancer drugs, which are typically administered in a physician's office or hospital outpatient department. GAO was asked to examine Medicare's share of the Part B drug market. This report describes Medicare's market share for high-expenditure Part B drugs paid based on ASP and the characteristics of those drugs. To determine Medicare's market share for Part B drugs paid based on ASP, GAO used 2015 Medicare FFS claims data—the most recent year available at the time of GAO's analysis—to identify the 50 Part B drugs with the highest total expenditures and the 50 drugs with the highest expenditures per beneficiary. In total, GAO analyzed 84 drugs because some were in both groups. GAO used Medicare claims and manufacturer sales data from the Centers for Medicare & Medicaid Services (CMS) to calculate Medicare's market share for each drug in 2015. To examine characteristics of the 84 drugs, such as whether a drug was produced by a single manufacturer, GAO analyzed data from the Food and Drug Administration and Truven Health Analytics' RED BOOK, which publishes drug pricing and product information. GAO received technical comments on a draft of this report from the Department of Health and Human Services, the agency that oversees CMS, and incorporated these comments as appropriate. For more information, contact James Cosgrove at (202) 512-7114 or

GAO-18-103, Medicaid: CMS Should Take Additional Steps to Improve Assessments of Individuals' Needs for Home- and Community-Based Services, December 14, 2017

Tue, 16 Jan 2018 12:00:00 -0500

What GAO Found The six selected states that GAO reviewed used multiple approaches to assess individuals' needs for Medicaid home- and community-based services (HCBS). Each state may have multiple HCBS programs authorized under different sections of the Social Security Act. These programs serve beneficiaries who generally need assistance with daily activities, such as bathing or dressing. States establish needs assessment processes to collect data on functional needs, health status, and other areas that they use to determine individuals' eligibility for HCBS and to plan services, such as the amount of services needed. The selected states varied in the extent to which they used different assessments across HCBS programs and used multiple types of entities—such as state or government agencies, contractors, or providers—to conduct them. The Centers for Medicare & Medicaid Services (CMS) has taken steps to improve needs assessments but concerns about conflict of interest remain in regard to HCBS providers and managed care plans. HCBS providers may have a financial interest in the outcome of needs assessments, which could lead to overstating needs and overprovision of services. CMS has addressed risks associated with HCBS provider conflicts, such as by requiring states to establish standards for conducting certain needs assessments, but these requirements do not cover all types of HCBS programs. For example, specific conflict of interest requirements are generally not in place for needs assessments that are used to inform HCBS eligibility determinations. In addition, requirements for states to establish standards to address HCBS providers' potential for conflict of interest in conducting needs assessments that are used for service planning do not apply across all programs. CMS Conflict-of-Interest Requirements for Needs Assessments Used for Service Planning for Selected Medicaid Home- and Community-Based Services (HCBS) Programs by Authorizing Section of the Social Security Act Needs assessments used for service planning Section 1905(a) Section 1915(c) Section 1915(i) Section 1915(j) Section 1915(k) States must address HCBS provider conflicts-of-interest - ✔ ✔ ✔ ✔ Legend: ✔ = requirement exists; - = no direct requirement exists Source: GAO analysis of Centers for Medicare & Medicaid Services' (CMS) regulations. | GAO-18-103 Similarly, managed care plans may have a financial interest in the outcome of HCBS assessments used for both determining eligibility and service amounts. Managed care plans could have an incentive to enroll beneficiaries with few needs, as plans typically receive a fixed payment per enrollee. For example, a plan in one state admitted in a settlement with the federal government to enrolling 1,740 individuals, from 2011 through 2013, whose needs did not qualify them. In 2013, CMS issued guidance that managed care plans may not be involved in assessments used to determine eligibility for HCBS, but CMS has not consistently required states to prevent this involvement. Among three states GAO reviewed with managed care HCBS programs, CMS required one to stop allowing plans to conduct such assessments but allowed plan involvement in two states. The absence of conflict-of-interest requirements across all types of HCBS programs and states is not consistent with federal internal control standards, which require agencies to respond to risks to program objectives. Why GAO Did This Study With approval from CMS, the federal agency responsible for overseeing state Medicaid programs, states can provide long-term care services and supports for disabled and aged indivi[...]

GAO-18-80, Generic Drugs: FDA Should Make Public Its Plans to Issue and Revise Guidance on Nonbiological Complex Drugs, December 14, 2017

Tue, 16 Jan 2018 12:00:00 -0500

What GAO Found Certain drugs, referred to as nonbiological complex drugs (NBCD), have a more complex chemical structure than most other drugs. As a result, it can be more difficult to identify the physical and chemical properties of these NBCDs and, thus, more difficult to demonstrate that generic versions of these drugs are equivalent to their brand-name counterparts—a requirement for their approval by the Food and Drug Administration (FDA). To assess the equivalence of generic versions of NBCDs, drug company sponsors and FDA may need to take more steps compared with generic versions of noncomplex drugs. All but 2 of the 19 stakeholders GAO interviewed agreed that it is challenging to demonstrate equivalence. However, they disagreed about the extent of the challenges and whether those challenges could be overcome. For example, while some brand-name drug sponsors suggest it may be impossible to show that the active ingredient is equivalent between a brand-name and generic complex drug, some generic drug sponsors believe it can be done through advanced scientific methods. GAO identified several steps that have been taken that may help address the challenges associated with reviews to determine equivalence of generic NBCDs to their brand-name counterparts. However, stakeholders disagreed about whether these steps have been sufficient. For example, to facilitate the entry of generic drugs on the market, including NBCDs, FDA issued product-specific guidance documents to industry, providing recommendations on how to demonstrate equivalence for certain products. While some stakeholders cited product-specific guidance as helpful, representatives of four brand sponsors said the guidance does not adequately address the scientific complexities of NBCDs. Further, guidance for some NBCDs was revised numerous times without any advance notification to industry, according to representatives of generic drug sponsors. Internal control standards for the federal government on communication state that sharing quality information with external parties is necessary to achieve an entity's objectives. FDA's good guidance practices regulation also specifies that the agency will publish a list of possible topics for guidance development or revision for the next year. Although FDA publishes such a list annually, it does not include product-specific guidance documents. The lack of advance communication on guidance issuance and subsequent revisions can create setbacks for generic drug sponsors. For example, according to such sponsors, it may take considerable time, effort, and other resources for them to update their applications to market a generic drug in response to unexpected changes in guidance. This could delay or prevent the entry of some generics to the market. Why GAO Did This Study Generic versions of brand-name drugs provide substantial cost savings for patients and the U.S. health care system. FDA, an agency within the Department of Health and Human Services (HHS), has approved generic versions of NBCDs. Some industry stakeholders have asserted that, because it is difficult to assess equivalence for these complex drugs, there could be safety and efficacy problems that might not appear until after generic versions are on the market. GAO was asked to assess FDA's process for reviewing generic versions of NBCDs. Among other things, this report (1) identifies the scientific challenges the review of generic versions of NBCDs may present and (2) identifies and evaluates the steps FDA has taken that may help address the challenges related to the review of generic NBCDs. GAO studied the literature and examined FDA product-specific guidance. GAO reviewed information related to the five NBCDs for which FDA had approved a generic version prior to fiscal year 2017. GAO also interviewed FDA officials and a nongeneraliza[...]

GAO-18-140, FDA Medical Device Reviews: Evaluation is Needed to Assure Requests for Additional Information Follow a Least Burdensome Approach, December 15, 2017

Tue, 16 Jan 2018 12:00:00 -0500

What GAO Found Since 1997, the Food and Drug Administration (FDA) has been required to consider the least burdensome means of evaluating certain types of medical devices for marketing, including when requesting that sponsors—generally manufacturers—seeking to market their medical devices provide information in addition to what was provided in their submissions. GAO found that, from 2001 through 2016, FDA issued letters asking sponsors to provide such information for a majority of the more than 62,000 medical device submissions that it reviewed. Sponsors may formally disagree with the request on the grounds that it is not the least burdensome method needed for FDA to review the submission. For example, sponsors appealed FDA decisions internally to agency management 63 times from 2013 through 2016, and of these, FDA identified 33 such appeals in which the sponsor raised an issue related to least burdensome requirements. FDA agreed or partially agreed with the sponsors in 11 of these appeals. Medical device industry representatives noted that these appeals may not fully represent the number of such disagreements, because applicants are generally concerned that an appeal would damage their relationship with FDA and potentially negatively affect future device applications. FDA provided staff training that was specifically dedicated to addressing the least burdensome requirements from 1997 through 1999. Since 1999, FDA has not offered a course dedicated to the least burdensome requirements, but has incorporated related concepts into other training programs, such as in a training mandatory for most new reviewers. In response to the 21st Century Cures Act, enacted in 2016, FDA is providing new least burdensome training to all relevant employees, and said that 80 percent had received the training as of October 2, 2017. Although FDA did not specifically evaluate the effectiveness of past training on least burdensome requirements, it is implementing an evaluation of all device-related training, including the new least burdensome training. It also plans to complete a required audit of training on least burdensome requirements by June 2018. FDA has not specifically evaluated implementation of the least burdensome requirements. However, in response to broader evaluations, such as an independent assessment of its medical device review process, the agency is in the early stages of developing processes that may improve its requests for additional information. For example, FDA plans to conduct an audit of letters requesting additional information. FDA is developing the audit's methodology and expects it will assess whether the agency's process was followed. However, due to their early stage, the extent to which these efforts will allow FDA to assess implementation of the least burdensome requirements is unclear. In 2002, FDA stated that it planned to periodically assess the implementation of the least burdensome principles, and federal internal control standards identify the importance of performance metrics for such assessments. However, the agency has yet to develop performance metrics to do so. Until such measures are developed and used, FDA will not be able to evaluate whether it effectively and consistently applies a least burdensome approach in its medical device reviews. Why GAO Did This Study Determining that a new medical device is safe and effective is a substantial investment of time and resources for the sponsor and FDA, the agency that regulates medical devices. FDA relies on the device sponsor to provide supporting data at the time of its original submission, and the agency can request additional information during the review. The Federal Food, Drug, and Cosmetic Act, as amended, requires that when FDA requests additional information from sponsors, the agency consider[...]

GAO-18-143, Disaster Recovery: Additional Actions Would Improve Data Quality and Timeliness of FEMA's Public Assistance Appeals Processing, December 15, 2017

Tue, 16 Jan 2018 12:00:00 -0500

What GAO Found Weaknesses in the quality of Federal Emergency Management Agency's (FEMA) Public Assistance (PA) appeals data limit its ability to oversee the appeals process. For example, FEMA's data are inaccurate and incomplete because regional offices do not consistently track first-level appeals and FEMA does not have processes to ensure data quality. When GAO discussed these weaknesses with FEMA officials, they acknowledged them and provided GAO with corrected data for January 2014 through July 2017. GAO's analyses of the corrected data show fluctuations in the appeal inventory from year to year depending on the number of disasters declared and delays in processing. For example, as shown in the figure, only 9 percent of first-level and 11 percent of second-level appeals were processed within the 90-day statutory timeframe. Processing Times for Decided Appeals, Based on Appeals FEMA Received between January 2014 and July 2017 FEMA has taken steps to improve its management of the appeals process—including issues that GAO and the Department of Homeland Security's Office of Inspector General identified in 2008 and 2011. For example, FEMA increased its appeal staffing levels and developed standard operating procedures. Despite these efforts, FEMA continued to face a number of workforce challenges that contributed to processing delays, such as staff vacancies, staff turnover, and delays in training. FEMA has not developed a workforce staffing plan to identify hiring, training, and retention needs across its headquarters and regional offices, though FEMA officials acknowledge the potential benefits of having such a plan and stated that they are focused on filling vacancies. In the absence of a workforce plan, FEMA will continue to experience workforce challenges that could further contribute to delays in processing appeals. FEMA has not established goals and measures for assessing first-level appeals processing performance, but has done so for second-level appeals. FEMA views establishing these first-level goals and measures as the responsibility of its regional offices. Without goals and measures, FEMA is limited in its ability to assess the efficiency and effectiveness of its overall appeals process and identify and address weaknesses that may lead to delays in making appeal decisions. Why GAO Did This Study In both 2016 and 2017, 15 separate U.S. disasters resulted in losses exceeding $1 billion each. FEMA provides PA grants to state and local governments to help communities recover from such disasters. If applicants disagree with FEMA's decision on their PA grant application, they have two chances to appeal: a first-level appeal to be decided by the relevant FEMA regional office and, if denied, a second-level appeal to be decided within FEMA's Recovery Directorate. Each is subject to a 90-day statutory processing timeframe. GAO was asked to review FEMA's appeals process. This report examines: (1) the extent to which FEMA ensures the quality of its appeals data and what these data show about PA appeals inventory and timeliness; (2) what steps FEMA has taken to improve its management of the appeals process and what challenges, if any, remain; and (3) the extent to which FEMA developed goals and measures to assess program performance. GAO analyzed FEMA policies, procedures, and data on appeals and interviewed officials from headquarters and from regional offices with the highest number of pending appeals. GAO also spoke to state officials from the two states within each of the three regions with the highest number of pending appeals. What GAO Recommends GAO is making four recommendations, including that FEMA implement a consistent approach for tracking appeals and ensuring data quality, develop a workforce plan, and develop meas[...]

GAO-18-57, Commercial Space Launch Insurance: FAA Needs to Fully Address Mandated Requirements, January 16, 2018

Tue, 16 Jan 2018 12:00:00 -0500

What GAO Found The Federal Aviation Administration's (FAA) report evaluating its maximum probable loss (MPL) methodology did not fully address the evaluation and consultation requirements specified by the U.S. Commercial Space Launch Competitiveness Act (CSLCA). Balance of Risk. CSLCA required FAA to include ensuring that the federal government is not exposed to greater indemnification costs and that launch companies are not required to purchase more insurance coverage than necessary as a result of FAA's MPL methodology. FAA said that it ensured this balance by improving its methodology, but it did not reevaluate its probability thresholds after revising its methodology. These thresholds are used to divide the risk of loss between launch companies and the government. Impact on Costs. The act required FAA to consider the costs to both the industry and the federal government of implementing an updated methodology. FAA's report discussed the impact on indirect costs, such as data collection, but did not discuss direct costs: insurance premiums for launch companies and indemnification liability for the federal government. Consultation. The act also required FAA to consult with the commercial space sector and insurance providers in evaluating its MPL methodology in accordance with the preceding requirements. While the agency consulted with some stakeholders, these consultations were limited in scope. FAA officials said they have not been able to take the actions needed to fully satisfy the mandated elements because of issues such as resource limitations and the lack of available data. However, by not resolving these issues, FAA lacks assurance that launch companies are not purchasing more insurance than needed or that the federal government is not being exposed to greater indemnification costs than expected. FAA has addressed two of three previously identified weaknesses in its MPL methodology but has not yet dealt with the remaining weakness. Specifically, the agency has revised its methodology for estimating the number of potential casualties for a launch and changed the factor it uses to derive estimated property damage from estimated casualties. However, FAA has not updated the amount used for the cost of an individual casualty. GAO recommended in a March 2017 report (GAO-17-366) that FAA update this amount. Not doing so could understate the amount of insurance launch companies are required to purchase, exposing the federal government to excess risk. GAO also determined that while FAA has two tools and methods it can use in making its MPL estimates, it does not have guidance on determining which are most appropriate for a given launch scenario. For example, one tool is more comprehensive but also labor intensive to use, while the other is inappropriate for certain launch scenarios and could result in misleading MPL amounts. Officials said they have begun to create such guidance but do not have an estimated completion date. Without such guidance, FAA cannot ensure that the most appropriate MPL methodology is used for each launch. Why GAO Did This Study The federal government shares liability risks with the commercial space launch industry for accidents that result in damages to third parties or federal property. This arrangement requires space launch companies to have a specific amount of insurance to cover these damages. The government is potentially liable for damages above that amount, up to a cap GAO estimated to be $3.1 billion in 2017, subject to appropriations in advance. CSLCA, enacted in 2015, directed the Department of Transportation, of which FAA is a part, to evaluate its MPL methodology and, if necessary, develop a plan to update that methodology. The act also included a provision requiring[...]

GAO-18-201, VA Facility Security: Policy Review and Improved Oversight Strategy Needed, January 11, 2018

Thu, 11 Jan 2018 12:00:00 -0500

What GAO Found The Department of Veterans Affairs' (VA) risk management policies include some but not all of the elements of standards set by the Interagency Security Committee (ISC). ISC was established via executive order to develop security standards and best practices that federal agencies are to follow when developing and conducting risk assessments. As part of this process, VA's policy identifies minimum countermeasures as called for in ISC's standards. In other areas, VA policy only partially adheres or does not adhere to ISC's standards, for example: Of the five factors ISC calls for when calculating a facility's security level, VA considers three but does not consider a facility's population and size. VA policy does not include performance measures, such as the number of countermeasures in use or the percentage of facility assessments completed; this percentage is a key element of ISC's standards for assessing the effectiveness of an agency's security programs. Officials at VA said that its risk management program was developed prior to the ISC standards' being issued in 2013 and that it is up to each agency to determine how to best apply the standards. Nevertheless, VA officials said they are currently reexamining their policies. Until VA reviews its policies in accordance with ISC standards, its approach to risk management may not yield the appropriate security posture needed to adequately protect its medical centers. VA's oversight activities for risk management do not encompass key aspects of the Standards for Internal Control in the Federal Government and Circular A-123 from the Office of Management and Budget that require agencies to conduct oversight activities to ensure the accountability and effectiveness of agency programs. VA has an oversight process to ensure that biennial assessments of individual facilities' security are completed. However, VA: does not review the quality of medical centers' required risk assessments, does not identify whether countermeasures were implemented appropriately by the medical centers, and does not collect system-wide data to gain an understanding of physical security issues across medical centers. In the absence of a comprehensive VA-wide strategy or guidance that reflects these internal control standards, individual sites have established their own approaches to carrying out VA's risk management policy. For example, the nine sites GAO reviewed conducted their security assessments differently, and none of the assessments indicated that all of the threat categories in VA's policy were reviewed. The lack of a system-wide oversight strategy means that the differences among medical center approaches, along with the security effects of those different approaches, are unknown. Accordingly, VA does not know if its medical centers are adequately protected, and it may be missing opportunities to leverage resources nationally and make better informed, proactive policy decisions. Why GAO Did This Study The Veterans Health Administration (VHA is responsible for providing a safe and secure, yet welcoming environment for staff, patients, and visitors at nearly 170 medical centers. These facilities have been the target of violence, threats, and other security-related incidents. Assessing and managing risks a critical element for ensuring adequate physical security at these facilities. GAO was asked to review VA's physical security risk-management policies and practices. This report: (1) assesses how VA's policies for risk management reflect prevailing standards, and (2) evaluates VA's oversight of risk management at VHA medical facilities. GAO compared VA policies to ISC standards; reviewed VA documents; interviewed VA and ISC offici[...]

GAO-18-214, Nuclear Security: CBP Needs to Take Action to Ensure Imported Radiological Material Is Properly Licensed, January 10, 2018

Wed, 10 Jan 2018 12:00:00 -0500

What GAO Found U.S. Customs and Border Protection (CBP) agency officials at U.S. airports have not verified the legitimacy of all licenses for imported radiological materials as required by CBP's policy. The policy requires CBP officials, when alerted, to verify licenses by calling experts in a centralized CBP office. CBP officials at two of four airports GAO visited said they were calling as required. However, CBP officials at the other two airports did not verify many licenses from January 1, 2015, through September 30, 2016, and headquarters officials were unaware of non-compliance with CBP policy. Also, GAO found that during this time frame nationwide, CBP officials were alerted to verify licenses for a significant number of shipments of licensable radiological material for all U.S. airports, but they did not make all the required calls—leaving numerous shipments potentially unverified over this 21-month period. This situation occurred because CBP does not have a monitoring system to ensure that officials make license verification calls as required. Until CBP develops a monitoring system for license verification, it will not have reasonable assurance that it can identify activities inconsistent with its policy and take corrective action. CBP procedures cannot effectively implement the agency's policy that its officials verify all radiological material shipments imported into the United States. The procedures are not effective for this policy in part because they rely on automated alerts that are based on some but not all relevant information that could indicate potentially dangerous radiological material. Consequently, CBP's current system and procedures cannot ensure that all such materials will be identified. Under federal internal control standards, agencies are to design control activities to achieve objectives and respond to risks. However, CBP does not have the information it needs to develop a robust system or revise its procedures because it has not conducted a comprehensive assessment of the information not included in its automated alert system. In particular, CBP has not assessed relevant information not currently included in the automated alert or how to create a more risk-based approach that distinguishes between higher- and lower-risk quantities of radiological materials. Without such an assessment, CBP may be unable to develop a system or procedures that best support its policy for verifying imported radiological materials. This is a public version of a sensitive report GAO issued in September 2017. Information CBP deemed sensitive has been omitted. Why GAO Did This Study Thousands of shipments containing radiological material enter the United States each year through airports across the country. Radiological material is used in various medical and industrial applications, and possession requires a license from the Nuclear Regulatory Commission (NRC) or one of the 37 states to which NRC has relinquished licensing authority. Failure to verify the licenses could allow terrorists to acquire radiological material for a dirty bomb, which uses explosives to disperse the material. GAO was asked to review CBP policies and procedures related to license verification. This report examines, among other things, (1) the extent to which CBP follows its policies and procedures, and (2) the effectiveness of these policies and procedures. GAO reviewed relevant policies and procedures, analyzed CBP data related to radiological material shipments and license verification, interviewed CBP and NRC officials, and selected four airports to visit based on expected traffic of radiological shipments. What GAO Recommends GAO recommends that CBP develop a monitor[...]

GAO-18-226, National Security: Ongoing Review of the Military Selective Service Process Could Benefit from Additional Information, January 10, 2018

Wed, 10 Jan 2018 12:00:00 -0500

What GAO Found In its July 2017 report to Congress and the National Commission on Military, National, and Public Service (i.e., “the Commission”), the Department of Defense (DOD) provided information regarding each of the six required reporting elements contained in the National Defense Authorization Act (NDAA) for Fiscal Year (FY) 2017. Specifically, DOD provided information on: 1. the direct and indirect benefits of the military selective service system; 2. the functions performed by the Selective Service System that would be assumed by DOD in the absence of a national registration system; 3. the systems, manpower, and facilities needed by DOD to physically mobilize inductees in the absence of the Selective Service System; 4. the feasibility and the utility of eliminating the focus on the mass mobilization of primarily combat troops in favor of a system that focuses on the mobilization of military occupational specialties, and the extent to which such a change would impact the need for both male and female inductees; 5. DOD's personnel needs in the event of an emergency requiring mass mobilization; an analysis of any additional critical skills that would be needed in the event of a national emergency; and a timeline for when DOD would require the first inductees to report for service; and 6. a list of the assumptions used by DOD to conduct its analysis. GAO identified additional information that may benefit the Commission's ongoing evaluation of the military selective service process. The fifth required reporting element required DOD to analyze its personnel needs in the event of an emergency requiring mass mobilization and a timeline for obtaining these inductees. In response, DOD provided the personnel requirements and timeline that were developed in 1994 and that have not been updated since. DOD officials stated that they did not conduct additional analysis to update these requirements because the all-volunteer force is of adequate size and composition to meet DOD's personnel needs. In 2012, GAO recommended that DOD establish a process to periodically reevaluate DOD's requirements for the Selective Service System. Although DOD concurred with this recommendation, it has not yet implemented it. GAO believes this recommendation is still valid. Having updated DOD Selective Service System requirements and timelines for a potential draft may be useful in supporting the ongoing evaluation of the military selective service process by the Commission. Further, military service officials told GAO that their perspectives on how selective service processes that could affect them had not been solicited in the preparation of DOD's report. Since the military services are to receive, train and integrate the inductees; provide support to the Selective Service System during a national emergency; and could help identify critical skill sets needed to meet emerging demands and the impact a draft could have on meeting those demands, the military service officials' perspectives could be useful to the Commission. DOD officials stated that they are currently collecting these perspectives and plan to provide this information to the Commission. Why GAO Did This Study The Military Selective Service Act established the Selective Service System whose mission, among other things, is to be prepared to provide trained and untrained manpower to DOD in the event of a national emergency when directed by the President and the Congress. In the NDAA for FY 2017, Congress included a provision requiring that DOD submit a report on the current and future need for a centralized registration system under the Military Selective Service Act. In addition, the [...]

GAO-18-42, Information Technology: Agencies Need to Involve Chief Information Officers in Reviewing Billions of Dollars in Acquisitions, January 10, 2018

Wed, 10 Jan 2018 12:00:00 -0500

What GAO Found Most of the 22 selected agencies did not identify all of their information technology (IT) contracts. The selected agencies identified 78,249 IT-related contracts, to which they obligated $14.7 billion in fiscal year 2016. However, GAO identified 31,493 additional contracts with $4.5 billion obligated, raising the total amount obligated to IT contracts in fiscal year 2016 to at least $19.2 billion (see figure).The percentage of additional IT contract obligations GAO identified varied among the selected agencies. For example, the Department of State did not identify 1 percent of its IT contract obligations. Conversely, 8 agencies did not identify over 40 percent of their IT-related contract obligations. Figure: Agency- and GAO-Identified Approximate Dollars Obligated to Fiscal Year 2016 Information Technology (IT) Contracts at the 22 Selected Agencies Note: Due to rounding, the totals may not equal the sum of component obligation amounts. Many of the selected agencies that did not identify these IT acquisitions did not follow Office of Management and Budget's (OMB) guidance. Specifically, 14 of the 22 agencies did not involve the acquisition office in their process to identify IT acquisitions for Chief Information Officer (CIO) review, as required by OMB. In addition, 7 agencies did not establish guidance to aid officials in recognizing IT. Until agencies involve the acquisitions office in their IT identification processes and establish supporting guidance, they cannot ensure that they will identify all IT acquisitions. Without proper identification of IT acquisitions, agencies and CIOs cannot effectively provide oversight of these acquisitions. In addition to not identifying all IT contracts, 14 of the 22 selected agencies did not fully satisfy OMB's requirement that the CIO review and approve IT acquisition plans or strategies. Further, only 11 of 96 randomly selected IT contracts at 10 agencies that GAO evaluated were CIO-reviewed and approved as required by OMB's guidance. The 85 IT contracts not reviewed had a total possible value of approximately $23.8 billion. Until agencies ensure that CIOs review and approve IT acquisitions, CIOs will continue to have limited visibility and input into their agencies' planned IT expenditures and will not be able to use the increased authority that FITARA's contract approval provision is intended to provide. Further, agencies will likely miss an opportunity to strengthen CIOs' authority and the oversight of IT acquisitions. As a result, agencies may award IT contracts that are duplicative, wasteful, or poorly conceived. Why GAO Did This Study The federal government invested more than $90 billion on IT in fiscal year 2016. However, prior IT expenditures have produced failed projects. Recognizing the severity of issues, in December 2014 Congress enacted IT acquisition reform legislation (referred to as the Federal Information Technology Acquisition Reform Act, or FITARA). Among other things, OMB's FITARA implementation guidance requires covered agencies' chief acquisition officers to identify IT contracts for the CIOs to review and approve. GAO's objectives were to determine the extent to which (1) federal agencies identify IT contracts and how much is invested in them, and (2) federal agency CIOs are reviewing and approving IT acquisitions. To do so, GAO reviewed data on IT contracts from fiscal year 2016 at 22 agencies and compared agency actions to law and OMB guidance. What GAO Recommends GAO is making 39 recommendations, including that agencies ensure that acquisition offices are involved in identifying IT and issue related guidance; and[...]

GAO-18-202R, Defense Budget: Obligations of Overseas Contingency Operations Funding for Operation and Maintenance Base Requirements, January 10, 2018

Wed, 10 Jan 2018 12:00:00 -0500

What GAO Found The Department of Defense (DOD) reported obligating the $9.1 billion that Congress authorized in the National Defense Authorization Act for Fiscal Year 2016 as operation and maintenance (O&M) overseas contingency operations (OCO) funding for base requirements. These obligations were largely for base programs and activities, such as for headquarters, maintenance, and transportation costs. O&M base requirements encompass the continuing annual costs of DOD’s routine operations that would be incurred whether or not a contingency operation took place—including operating support for installations, training and education, civilian personnel, maintenance, contracted services, and defense health. In the Consolidated Appropriations Act, 2016, and the explanatory statement accompanying it, Congress subsequently appropriated $8.6 billion of the $9.1 billion authorized, as base funds rather than as OCO funds, while the remaining $500 million was appropriated as OCO funds for base requirements. DOD reported obligating these funds largely as was designated in the explanatory statement accompanying the Consolidated Appropriations Act, 2016. Why GAO Did This Study Since September 2001, Congress has appropriated approximately $1.7 trillion to DOD to fund OCO. On occasion, Congress has directed that OCO appropriations be used to support O&M base requirements. The National Defense Authorization Act for Fiscal Year 2016 authorized $9.1 billion of OCO appropriations to be made available for the support of specific O&M base requirements. The act also included a provision for GAO to report on how all funds authorized for base requirements were ultimately obligated by DOD. This report describes how DOD obligated the $9.1 billion in OCO appropriations that Congress authorized for base requirements in fiscal year 2016. In order to determine how DOD obligated the $9.1 billion, GAO compared the O&M OCO amounts authorized for each O&M subactivity group in the National Defense Authorization Act for Fiscal Year 2016 with the amounts that Congress designated for those subactivity groups in the Consolidated Appropriations Act, 2016. GAO then compared those designated amounts with data provided by the military services and from DOD’s execution reports and budget materials on the amounts obligated by subactivity group. What GAO Recommends GAO did not make any recommendations in the report and DOD did not have any comments on this report.  For more information, contact John H. Pendleton at (202) 512-3489 or

GAO-18-198, Telecommunications: FCC Should Improve Monitoring of Industry Efforts to Strengthen Wireless Network Resiliency, December 12, 2017

Tue, 09 Jan 2018 12:00:00 -0500

What GAO Found The number of wireless outages attributed to a physical incident—a natural disaster, accident, or other manmade event, such as vandalism—increased from 2009 to 2016, as reported to the Federal Communications Commission (FCC). During this time, the number of outages substantially increased from 189 to 1,079 outages, with most of the increase occurring from 2009 to 2011. FCC officials said this increase was due in part to growth in wireless customers and wireless infrastructure. Almost all outages attributed to a physical incident were due to an accident, such as damage to a cable due to a digging error (74 percent) or a natural disaster (25 percent). However, outages due to a natural disaster had a longer median duration (ranging from 19 to 36 hours), which was more than twice as long as outages caused by an accident. Power failures and failures in other providers' networks also play a role in wireless outages attributed to physical incidents. For instance, carriers reported that 87 percent of wireless outages attributed to a physical incident were due to a failure in another provider's network on which they rely. Since 2013, federal agencies and industry have taken actions to improve the resiliency of wireless networks. For example, the Department of Homeland Security (DHS) and FCC charter federal advisory committees that have examined resiliency issues and potential solutions, such as sharing infrastructure during emergencies. FCC also proposed a rule that would disclose how individual wireless carriers' networks performed during emergency events. In response, an industry coalition announced an initiative—the Wireless Network Resiliency Cooperative Framework—whereby carriers agreed to allow roaming on each other's networks and aggregated statistics to be published on how networks performed during emergency events. This initiative prompted FCC to not adopt its proposed rule. FCC said it would engage with industry about the framework's implementation and use, but FCC has limited formal plans to oversee or spread knowledge of the framework: FCC developed a plan to track the completion of initial implementation tasks outlined in the framework, but this plan does not include steps to track or evaluate any outputs or outcomes from the framework. FCC and industry documents describe broad goals for the framework, such as advancing information sharing during and after emergency events, but neither FCC nor industry has set any specific measures to help determine whether the framework achieves these broad goals. Although some public safety officials and other stakeholders GAO contacted were not aware of the framework, FCC did not have plans to actively communicate information about the framework to these audiences. More robust measures and a better plan to monitor the framework would help FCC collect information on the framework and evaluate its effectiveness. Such steps could help FCC address any challenges or decide whether further action is needed. Also, by promoting awareness about the framework, FCC would help public safety officials and other industry participants to be well positioned to use the framework to help them prepare for or respond to emergency events. Why GAO Did This Study Americans increasingly rely on mobile wireless communications for safety-related communications like calling 911 and receiving weather alerts. Mobile wireless networks face risks from physical incidents including extreme weather events and intentional and accidental damage. For example, in 2017 several major hurricanes damaged wireless [...]

GAO-18-37, Social Security Disability: Additional Measures and Evaluation Needed to Enhance Accuracy and Consistency of Hearings Decisions, December 07, 2017

Mon, 08 Jan 2018 12:00:00 -0500

What GAO Found Allowance rates—the rate at which Social Security Administration (SSA) administrative law judges allowed disability benefits to be paid when claimants appealed—varied across judges, even after holding constant certain characteristics of claimants, judges, hearing offices, and other factors that could otherwise explain differences in allowance rates. Specifically, GAO estimated that the allowance rate could vary by as much as 46 percentage points if different judges heard a typical claim (one that was average in all other factors GAO analyzed). SSA officials said that this level of variation is not surprising, given the complexity of appeals and judicial discretion. Nonetheless, the variation declined by 5 percentage points between fiscal years 2007 and 2015 (see figure), a change officials attributed to enhanced quality assurance efforts and training for judges. GAO also identified various factors that were associated with a greater chance that a claimant would be allowed benefits. In addition to characteristics related to disability criteria, such as the claimant's impairment and age, GAO found that claimants who had representatives, such as an attorney or family member, were allowed benefits at a rate nearly 3 times higher than those without representatives. Other factors did not appear related to allowance rates, such as the percentage of backlogged claims in a hearing office. Estimated Allowance Rates across Social Security Administrative Law Judges for Typical Disability Claims, Fiscal Years 2007-2015 Note: The range is the difference in allowance rates for judges at the 95th and 5th percentiles. We also identify the 75th and 25th percentiles. A typical claim had average values on all other factors we analyzed. SSA has various reviews to monitor the accuracy and consistency of hearings decisions by administrative law judges, but some of these reviews may overlap and SSA has not systematically evaluated them. Specifically, SSA conducts five types of quality assurance reviews of hearings decisions, several of which have similar goals and may look at similar claims. SSA has not evaluated the efficiency or effectiveness of these reviews, despite spending at least $11 million on them in fiscal year 2016. Moreover, the agency has struggled to sustain all of its quality reviews due to competing priorities—two of the five reviews were curtailed in 2016 because SSA reassigned staff to help expedite claims decisions. By evaluating which quality assurance reviews are most effective and efficient in improving accuracy and consistency, SSA would be better positioned to meet its goals within its resources. Why GAO Did This Study Individuals who do not agree with the initial decision on a claim for Social Security disability benefits can ultimately appeal the decision by requesting a hearing before one of SSA's approximately 1,500 administrative law judges. However, the rate at which these judges have allowed benefits has varied, raising questions about the reasons for this variation. GAO was asked to review aspects of SSA's oversight of judges' decisions. This report examines (1) to what extent allowance rates vary across administrative law judges, and factors associated with this variation; and (2) the extent to which SSA has processes to monitor the accuracy and consistency of hearings decisions. GAO developed a statistical model to analyze SSA data on adult disability decisions made by administrative law judges from fiscal years 2007 through 2015, the most current data available at the time of GAO's ana[...]

GAO-18-70, Medicaid: Further Action Needed to Expedite Use of National Data for Program Oversight, December 08, 2017

Mon, 08 Jan 2018 12:00:00 -0500

What GAO Found As of November 2017, 49 states had begun reporting Transformed Medicaid Statistical Information System (T-MSIS) data—a significant increase from 18 states reporting these data one year earlier. All eight states GAO reviewed identified converting their data to the T-MSIS format on an element-by-element basis as the main challenge in their reporting efforts. For some data elements, states had to expand or collapse their data to match the T-MSIS format. Examples of Possible Relationships in Converting State Data Elements and T-MSIS Elements With the continued implementation of T-MSIS, the Centers for Medicare & Medicaid Services (CMS) has taken an important step toward developing a reliable national repository for Medicaid data. However, data challenges have hindered states' and CMS's use of the T-MSIS data for oversight. None of the six selected states reporting T-MSIS data in August 2017 was reporting complete data. These states said that certain unreported elements were contingent on federal or state actions, and others were not applicable to the state's Medicaid program. States did not always specify in their documentation whether they planned to report elements in the future or when they would report complete data. Six of eight selected states expressed concerns about the comparability of T-MSIS data across states. Further, all states were interested in CMS facilitating information sharing among states. CMS has not compiled and shared information about states' data limitations, which would help states accurately compare their T-MSIS data to other states' T-MSIS data. CMS has taken steps for the initial use of T-MSIS data, but does not have a plan or associated timeframes for using these data for oversight. As a result, important CMS goals for T-MSIS, such as reducing states' reporting burden and enhancing program integrity activities, are not being fully realized. Why GAO Did This Study GAO and others have identified insufficiencies in state-reported Medicaid data that affect CMS's ability to oversee the program effectively. Recent increases in improper payments—estimated at $36.7 billion in fiscal year 2017—exacerbate concerns about program oversight. CMS officials identified the T-MSIS initiative, which began in 2011, as its main effort to improve Medicaid data, and cited aspects of T-MSIS aimed at improving the scope and quality of state-reported data. GAO reported in January 2017 that it is unclear when T-MSIS data will be available from all states; how CMS will ensure data quality; or how the data will be used to enhance oversight of Medicaid. GAO was asked to review states' experiences with T-MSIS implementation and planned uses of T-MSIS data. This report examines (1) states' experiences regarding T-MSIS implementation, and (2) challenges to CMS's and states' use of T-MSIS data for oversight. GAO reviewed federal laws, guidance, and internal control standards; reviewed documents and interviewed officials from eight states, selected based on their T-MSIS reporting status, location, program expenditures, and other factors; and interviewed CMS officials, CMS contractors, and individuals involved with other states' T-MSIS efforts. What GAO Recommends GAO recommends that CMS (1) improve T-MSIS's completeness and comparability to expedite its use, and (2) articulate a specific oversight plan. The Department of Health and Human Services concurred with GAO's recommendations. For more information, contact Carolyn L. Yocom at (202) 512-7114 or yocom[...]

GAO-18-147, Bureau of Prisons: Better Planning and Evaluation Could Help Ensure Effective Use of Retention Incentives, December 07, 2017

Mon, 08 Jan 2018 12:00:00 -0500

What GAO Found From fiscal years 2012 to 2016, the Department of Justice's (DOJ) Federal Bureau of Prisons' (BOP) total retention incentive expenditures generally increased from $10.7 to $14.0 million and the number of employees receiving retention incentives increased from 2,024 to 2,460. During those five years, BOP spent more than 97 percent of its total retention incentive expenditures on employees at four BOP institutions in California and for medical professionals nationwide. Further, total retention incentive expenditures for medical professionals increased by an average of 21 percent per year (see figure). According to BOP officials, BOP uses retention incentives, for example, to supplement BOP's medical professionals' salaries which are generally lower than private sector salaries. Bureau of Prisons' (BOP) Retention Incentive Expenditures by Groups of Occupations, Fiscal Years 2012- 2016 BOP has a variety of internal controls in place throughout the retention incentive process that help ensure retention incentive applications and approvals meet requirements. For example, each application goes through multiple levels of review to verify its accuracy and completeness. BOP takes steps to determine workforce needs and how to fill those needs, but has not strategically planned for and evaluated its use of retention incentives. According to BOP, planning for human capital needs is conducted at institutions during quarterly meetings, but discussions about these incentives respond to short-term staffing situations rather than proactively addressing future staffing needs. Including human capital goals and strategies in BOP's human capital plan would create a roadmap so the agency could move from being reactive to its current workforce needs to being strategic in trying to achieve its long-term workforce goals. Additionally BOP has not evaluated the effectiveness of its use of retention incentives in retaining staff. As a result, BOP does not know whether retention incentives have contributed to employees' retention in relation to other incentives used by BOP. Consistent with key principles for strategic human capital planning, planning for and evaluating the use of retention incentives could help BOP better determine if these incentives are an efficient and effective means by which to retain staff. Why GAO Did This Study BOP is the largest employer within DOJ and is responsible for the care and custody of an inmate population of about 186,000. BOP has faced challenges retaining staff at correctional facilities, although it has used retention incentives, along with other human capital flexibilities. GAO was asked to review BOP's use of retention incentives. This report addresses: (1) how BOP used its authority to pay retention incentives; (2) internal controls BOP has in place for the use of retention incentives; and (3) the extent to which BOP plans for and evaluates the use of retention incentives. GAO obtained employee-level retention incentive expenditure data from DOJ's Justice Management Division for fiscal years 2012 through 2016. GAO also reviewed agency documentation, such as policy statements and 40 randomly selected retention incentive application packet case files from fiscal years 2014 through 2016. GAO also interviewed officials from BOP's Central Office and four correctional facilities that use retention incentives, selected to reflect variation in the number and types of employees receiving retention incentives, BOP regions, and BOP institution securi[...]

GAO-18-76, Small Business Contracting: SBA Efforts May Clarify the Assignment of Industry Codes, and Most Code Appeals Were Dismissed, December 05, 2017

Thu, 04 Jan 2018 12:00:00 -0500

What GAO Found Agencies' contracting officers consider various factors in assigning North American Industry Classification System (NAICS) codes to federal contracts, and the Small Business Administration (SBA) issued a rule in 2013 intended to clarify NAICS code assignment. NAICS codes are the basis for SBA's size standards; therefore, the code that the contracting officer assigns determines whether a firm is eligible for federal contracting preferences, such as small business set-asides. The contracting officers GAO interviewed cited several factors that affect their assignment of NAICS codes, including information on the work to be performed and input from agency small business specialists. However, they stated that assigning a NAICS code can be challenging when one or more codes could apply to a contract. In the 2013 rule, SBA clarified that under certain circumstances, contracting officers may assign more than one code to multiple-award contracts. Such contracts are awarded to two or more contractors under a single solicitation and include indefinite delivery/indefinite quantity (ID/IQ) contracts used when quantities and timing are not known at the time of the award. However, updates to the Federal Acquisition Regulation (FAR)—the rules governing the federal government's purchasing process—are required to fully implement SBA's final rule. The agencies GAO interviewed plan to implement this rule after it is adopted into the FAR and they can make necessary updates to their information technology for contracting. This FAR rule-making process is ongoing. Some industry groups and firms GAO interviewed expressed concerns about how contracting officers assign NAICS codes, but SBA's Office of Hearings and Appeals (OHA) dismissed most appeals and denied more than half of the remaining appeals. Some industry groups and firms GAO interviewed expressed concerns that contracting officers may assign NAICS codes based on the size standard (thereby affecting the number of firms that can compete as a small business) and not the work to be performed. However, some also stated it was difficult to determine how often this practice occurs, and OHA officials noted it is the office's role to review the appropriateness of appealed NAICS codes, not the contracting officer's intention when assigning the code. Of the 62 NAICS code appeals that were filed in calendar years 2014–2016, OHA dismissed 35, denied 15, and granted 12 (see fig.). Appeals were dismissed because, among other things, they were untimely or the contracting officer cancelled the acquisition. Figure: Number of NAICS Code Appeal Decisions, 2014–2016 Why GAO Did This Study Federal regulations require that contracting officers assign the NAICS code that best describes the principal purpose of the acquisition. SBA's OHA is responsible for reviewing appeals of NAICS code assignments. Questions have been raised about whether agencies assign the appropriate NAICS codes to ID/IQ contracts with multiple task orders. GAO was asked to review several issues related to NAICS codes. In this report, GAO examines (1) what contracting officers consider when assigning NAICS codes to federal contracts and the status of efforts to clarify code assignment and (2) industry views on NAICS code assignment and the number and outcomes of appeals. GAO reviewed policies and procedures of the four agencies with the highest ID/IQ obligations from fiscal years 2011–2015: Army, Navy, Department of Homeland Security [...]

GAO-18-60, Offshore Seismic Surveys: Additional Guidance Needed to Help Ensure Timely Reviews, December 11, 2017

Thu, 04 Jan 2018 12:00:00 -0500

What GAO Found The Department of the Interior's Bureau of Ocean Energy Management's (BOEM) process and time frames for reviewing seismic survey applications differ by region along the Outer Continental Shelf (OCS). From 2011 through 2016, BOEM reviewed 297 applications and issued 264 seismic survey permits, and the reviews' time frames differed by region (see table). As part of the process, BOEM may require approved “incidental take” authorizations from the Department of Commerce's National Marine Fisheries Service (NMFS) or Interior's U.S. Fish and Wildlife Service (FWS), given the possibility such surveys may disturb or injure marine mammals. BOEM does not have statutory review time frame requirements for issuing permits, and officials said the agency starts its formal review once it determines that an application is complete. In some cases, the agency issued a permit on the same day it determined an application was complete. BOEM's Seismic Survey Permits Issued from 2011 through 2016 OCS region Permits issued How many days review took Alaska 8 35-200 Atlantic 6 0-340 Gulf of Mexico 250 0-287 Source: GAO analysis of BOEM data. ׀ GAO-18-60 NMFS and FWS follow a similar general process for reviewing incidental take authorization applications related to seismic survey activities. From 2011 through 2016, NMFS and FWS reviewed 35 and approved 28 such applications across the three OCS regions, including some authorizations related to BOEM permits as well as research seismic surveys not associated with BOEM permits. NMFS was unable to provide accurate data for the dates the agency determines an application is adequate and complete—and FWS does not record this date. For example, based on GAO's review of NMFS data, in at least two cases, the date NMFS recorded the application had been determined adequate and complete was after the date when the proposed authorization was published in the Federal Register . Federal internal control standards call for agencies to use quality information. Without guidance on how to accurately record review dates, agencies and applicants will continue to have uncertainty around review time frames. Further, under the Marine Mammal Protection Act, the agencies are to review one type of incidental take authorization application—incidental harassment authorization applications—within 120 days of receiving an application for such authorizations. NMFS and FWS have not conducted an analysis of their review time frames. Not conducting such an analysis is inconsistent with federal internal control standards that call for agency management to design control activities to achieve objectives and respond to risks. Without analyzing the review time frames for incidental harassment authorization applications and comparing them to statutory review time frames, NMFS and FWS are unable to determine whether they are meeting their objectives to complete reviews in the 120-day statutory time frame. Why GAO Did This Study Offshore seismic surveys provide federal agencies and other entities with a wide range of data, from research on fault zones to geology that may indicate the presence of oil and gas. Companies seeking to conduct such surveys to find oil and gas [...]

GAO-18-89, Natural Gas Storage: Department of Transportation Could Take Additional Steps to Improve Safety Enforcement Planning, November 22, 2017

Fri, 22 Dec 2017 12:00:00 -0500

What GAO Found To meet its requirement under the Protecting Our Infrastructure of Pipelines and Enhancing Safety (PIPES) Act of 2016, the Department of Transportation's (DOT) Pipeline and Hazardous Materials Safety Administration (PHMSA) issued minimum safety standards in an interim rule and plans to finalize them by January 2018. Under the interim standards, site operators are to follow industry-developed best practices to detect and prevent leaks and plan for emergencies, among other things. Since the interim rule went into effect in January 2017, the minimum safety standards apply to all 415 natural gas storage sites, and the rule will be subject to further revision before it is final. To enforce its safety standards, PHMSA has taken steps to establish a natural gas storage safety enforcement program. For example, PHMSA has started developing a training program for its inspectors. PHMSA also has identified a strategic goal for its program—to promote continuous improvement in safety performance—and is developing a performance goal for its training program. However, PHMSA has not yet followed certain leading strategic planning practices. For example, PHMSA has not yet defined the level of performance to be achieved, fully addressed all core program activities, or used baseline data to develop its performance goal. GAO has previously reported that requirements under the Government Performance and Results Act (GPRA) and GPRA Modernization Act of 2010—which include establishing performance goals to define the level of performance—can serve as leading practices for lower levels of an agency, such as PHMSA. GAO also has found that successful performance goals address all core program activities. PHMSA's goal focuses on training and does not address other core program activities, such as conducting effective inspections. For example, a goal to evaluate whether PHMSA's inspections are effective could be to annually reduce, by a certain percentage, the number of sites not meeting minimum standards. PHMSA officials told GAO that they will strive to add and refine performance goals as the program evolves. As they do so, ensuring that these goals define the level of performance, address all core program activities, and use baseline data could help PHMSA better track progress toward its strategic goal. Approximate Location of Natural Gas Storage Sites within Counties Populated by 100,000 or More People Why GAO Did This Study Natural gas storage is important for ensuring that natural gas is available when demand increases. There are 415 storage sites—including underground caverns and depleted aquifers and oil and gas reservoirs—located in 31 states, often near population centers (see fig.). Leaks from these sites, such as one near Los Angeles that led to the temporary relocation of about 8,000 families in 2015, can result in environmental and economic damage. Until 2016, states set standards for 211 sites, but there were no standards for 204 sites connected to interstate pipelines subject to federal jurisdiction. With passage of the PIPES Act of 2016, PHMSA, an agency within DOT that sets and enforces standards for energy pipelines, among other things, was tasked with issuing minimum standards for all gas storage sites. GAO was asked to review natural gas storage safety standards. This report examines (1) PHMSA's efforts to implement the requirement to issue minimum safety standards f[...]

GAO-18-133R, Unemployment Insurance: State Use of Warnings Related to Work Search Requirements Affects DOL's Improper Payment Estimates, November 21, 2017

Thu, 21 Dec 2017 12:00:00 -0500

What GAO Found Department of Labor (DOL) data show that some states have formal warning policies that allow Unemployment Insurance (UI) claimants to receive benefits after the first discovered occurrence of their failing to meet work search requirements while most states do not have such policies. As a result, states are inconsistent in whether they report such benefit payments as overpayments, which has an impact on DOL's reported improper payment rate for the UI program. According to DOL officials, 18 states and the District of Columbia have formal warning policies and, therefore, have not counted as overpayments cases in which claimants who failed to search for work in one week were provided benefits. In contrast, DOL officials noted that 34 states do not have formal warning policies. Accordingly, all cases in which those states find that a claimant was provided benefits despite not having met work search requirements are counted as overpayments and are factored into DOL's reported improper payment rate. Analysis of DOL data shows that if formal warning cases had been included in DOL's calculation of the overpayment rates for fiscal year 2016, the nationwide overpayment rate would have increased by about 5 percentage points, from an estimated 11.1 percent to an estimated 16.3 percent. The variation among states related to formal warning policies makes it difficult for DOL and others to understand the reasons behind states' reported overpayments associated with work search requirements. Federal internal control standards state that management should communicate quality information externally through reporting lines so that external parties can help the entity achieve its objectives and address related risks. More consistent reporting could help DOL fully understand improper payments associated with work search requirements and work with states to address the issue. DOL is in the process of preparing guidance to states on the use of formal warning policies, according to DOL officials. Guidance is an important tool that agencies use to clarify federal requirements and communicate information about the implementation of programs to grantees. In preparing guidance for states, DOL has an opportunity to determine and communicate how state policies on work search requirements and their related overpayment reporting should align with federal requirements and reporting expectations. Some states may need to take action after the guidance is issued. Providing specific information on any actions required and, if actions are required, setting timeframes for completion and monitoring states' responses to the guidance could help ensure that DOL achieves its desired results.  Why GAO Did This Study The UI program provides temporary income support to eligible workers who become unemployed through no fault of their own. Individuals who claim unemployment are generally required to actively search for work as a condition of receiving benefits. However, the specific work search requirements vary by state, according to DOL. Overseen by DOL, and administered by states, the UI program paid $32 billion to 6.2 million individuals in fiscal year 2016. That same year, the program had the seventh-highest reported improper payment estimate among all federal programs. Currently, the leading reported cause of UI improper payments is overpayments to claimants who failed to meet work search[...]