Government IT Makes GAO’s High Risk List
Policy + Politics

Government IT Makes GAO’s High Risk List


At a time when cyber attacks pose an increasingly serious threat to national security, with hackers launching attacks at the Defense Department every day, watchdogs are flagging federal IT operations as one of the most serious weaknesses in the federal government.

Every year, the Government Accountability Office releases a list of the most troubled federal agencies, programs and projects at risk of being vulnerable to waste, fraud and abuse. This year, the newest additions to the risk list are IT acquisitions and operations and the troubled Veterans Affairs health systems, NextGov first reported.

Related: The Cyber Attack That Could Take Down the Government

Of course, neither of these additions will shock anyone. The VA has been plagued with scandal after whistleblowers claimed the agency had kept hidden waitlists of veterans who had waited months to get treatment.

Meanwhile, the government has seriously struggled with its IT projects—most notably the launch of, the federal portal built to facilitate the sale of health insurance set up under Obamacare. The website, was so plagued with tech problems at the start of its rollout that only six people were able to sign up on the first day.

Eventually, received a massive revamp and repair effort that ballooned the project’s price tag to more than $2.1 billion, Bloomberg reported. Watchdogs still worry that it could be vulnerable to hackers.

Though is the most publicized federal tech flop, there are plenty of other examples where the government bungled an IT project. The Pentagon and the Veterans Affairs Department, for instance, abandoned a $1.1 billion program to build an integrated electronic health record system after failing to get the systems to communicate. In fact, almost none of the systems built are compatible agency to agency. 

For example, the IRS is responsible verifying taxpayer subsidies for millions of people who entered their income on the “honor system.” But they can’t search the HHS database by Social Security number to verify that income and electronically compare the number to that individual’s tax return.

Related: Another Failed Gov’t Tech Project Cost $1.1 Billion

The risk list further highlights the problems agencies have had with the countless examples of tech flops that come at a costly price for taxpayers. But money isn’t the only issue. IT weaknesses also present a huge national security threat.

In January, the GAO released a report revealing that the Department of Homeland Security isn’t prepared to protect agencies against cyberattacks targeting federal facilities. This grim news comes when the threat of cyberattacks is growing.

Dan Kaufman, the head of the Defense Advanced Research Project Agency’s (DARPA) software innovation division, said in an interview on 60 Minutes on Sunday that cyber attacks against the military are now happening every day. 

“The number of attacks is dramatically increasing,” Kaufman said. 

While the threat increases, the government is struggling to recruit people with the necessary skills to help fend off attacks. Another GAO report released at the end of January found a serious skills gap among federal workers who have roles in IT and cyber security, among other professions including economists and acquisition specialists.

The countless reports by GAO and other watchdogs make a very solid case for why the government’s IT operations present a high risk to the federal government.

The watchdog agency is poised to release this year’s full Risk List on Wednesday before the Senate Committee on Homeland Security and Governmental Affairs.

Top Reads from The Fiscal Times: