The Government Accountability Office assessed the performance of 25 major information technology business programs of the Department of Defense and found that 19 of these programs did not fully report their progress on their operational performance.
GAO recommended that DOD ensure major IT programs report operational performance measures and related data to the federal IT dashboard, according to a report published Tuesday.
Of the 25 programs, the congressional watchdog found that officials for 15 of the programs said they have an approved cybersecurity strategy and provided a copy of that strategy.
While 10 of the programs reported having system security plans in place to manage supply chain risks facing information and communications technology, the other 15 programs did not show that they had ICT supply chain risk management plans.
“Until DOD ensures that these programs have such plans, they are less likely to be able to manage supply chain risks and mitigate threats that could disrupt operations,” the GAO report reads.
According to the report, four programs represented over half of DOD’s budget for major IT business systems in fiscal year 2022 and these are the department’s Healthcare Management System Modernization, Navy Enterprise Resource Planning, General Fund Enterprise Business System and Global Combat Support System-Army.