The IT Law Wiki


The following are the GAO reports published in 2008 that are discussed in this wiki (in reverse chronological order). Those Reports that have already been summarized are in blue; those that have not yet been summarized are in red.


  • [NONE]



  • Defense Management: DOD Can Establish More Guidance for Biometrics Collection and Explore Broader Data Sharing (GAO-09-49) (Oct. 15, 2008).


  • Defense Management: DOD Needs to Establish Clear Goals and Objectives, Guidance, and a Designated Budget to Manage its Biometrics Activities (GAO-08-1065) (Sept. 26, 2008).
  • Information Technology: FBI Is Implementing Key Acquisition Methods on Its New Case Management System, but Related Agencywide Guidance Needs to Be Improved (GAO-08-1014) (Sept. 23, 2008).
  • Social Security Numbers Are Widely Available in Bulk and Online Records, but Changes to Enhance Security Are Occurring (GAO-08-1009R) (Sept. 19, 2008).
  • Health Information Technology: HHS Has Taken Important Steps to Address Privacy Principles and Challenges, Although More Work Remains (GAO-08-1138) (Sept. 17, 2008).
  • Information Technology: Federal Laws, Regulations, and Mandatory Standards for Securing Private Sector Information Technology Systems and Data in Critical Infrastructure Sectors (GAO-08-1075R) (Sept. 16, 2008).
  • Critical Infrastructure Protection: DHS Needs to Better Address Its Cyber Security Responsibilities (GAO-08-1157T) (Sept. 16, 2008).
  • Information Technology: SSA Has Taken Key Steps for Managing Its Investments, but Needs to Strengthen Oversight and Fully Define Policies (GAO-08-1020) (Sept. 12, 2008).
  • Secure Border Initiative: DHS Needs to Address Significant Risks in Delivering Key Technology Investment (GAO-08-1148T) (Sept. 10, 2008).
  • Critical Infrastructure Protection: DHS Needs to Fully Address Lessons Learned from Its First Cyber Storm Exercise (GAO-08-825) (Sept. 9, 2008).
  • Information Security: Actions Needed to Better Protect Los Alamos National Laboratory’s Unclassified Computer Network (GAO-08-1001) (Sept. 9, 2008).
  • DOD Systems Modernization: Maintaining Effective Communication Is Needed to Help Ensure the Army's Successful Deployment of the Defense Integrated Military Human Resources System (GAO-08-927R) (Sept. 8, 2008).


  • DOD Business Systems Modernization: Key Navy Programs' Compliance with DOD's Federated Business Enterprise Architecture Needs to Be Adequately Demonstrated (GAO-08-972) (Aug. 7, 2008).


  • OMB and Agencies Need to Improve Planning, Management, and Oversight of Projects Totaling Billions of Dollars (GAO-08-1051T) (July 31, 2008).
  • Cyber Analysis and Warning: DHS Faces Challenges in Establishing a Comprehensive National Capability (GAO-08-588) (July 31, 2008).
  • DOD Business Systems Modernization: Key Marine Corps System Acquisition Needs to Be Better Justified, Defined, and Managed (GAO-08-822) (July 28, 2008).
  • Information Security: Federal Agency Efforts to Encrypt Sensitive Information Are Under Way, but Work Remains (GAO-08-525) (June 27, 2008).
  • Biosurveillance: Preliminary Observations on Department of Homeland Security's Biosurveillance Initiatives (GAO-08-960T) (July 16, 2008).


  • Information Security: Federal Agency Efforts to Encrypt Sensitive Information Are Under Way, but Work Remains (GAO-08-525) (June 27, 2008).
  • Information Sharing Environment: Definition of the Results to Be Achieved in Improving Terrorism-Related Information Sharing Is Needed to Guide Implementation and Assess Progress (GAO-08-492) (June 25, 2008).
  • Privacy: Congress Should Consider Alternatives for Strengthening Protection of Personally Identifiable Information (GAO-08-795T) (June 18, 2008).
  • Federal Records: National Archives and Selected Agencies Need to Strengthen E-Mail Management (GAO-08-742) (June 13, 2008).



  • Digital Television Transition: Majority of Broadcasters Are Prepared for the DTV Transition, but Some Technical and Coordination Issues Remain (GAO-08-510) (Apr. 30, 2008).


  • Freedom of Information Act: Agencies Are Making Progress in Reducing Backlog, but Additional Guidance Is Needed (GAO-08-344) (Mar. 14, 2008).
  • Information Security: Progress Reported, but Weaknesses at Federal Agencies Persist (GAO-08-571T) (Mar. 12, 2008).
  • Intellectual Property: Federal Enforcement Has Generally Increased, but Assessing Performance Could Strengthen Law Enforcement Efforts (GAO-08-157) (Mar. 11, 2008).
  • Privacy: Government Use of Data from Information Resellers Could Include Better Protections (GAO-08-543T) (Mar. 11, 2008).
  • Information Technology: Significant Problems of Critical Automation Program Contribute to Risks Facing 2010 Census (GAO-08-550T) (Mar. 5, 2008).


  • Information Security: Securities and Exchange Commission Needs to Continue to Improve Its Program (GAO-08-280) (Feb. 29, 2008).
  • Electronic Government: Additional OMB Leadership Needed to Optimize Use of New Federal Employee Identification Cards (GAO-08-292) (Feb. 29, 2008).
  • Information Security: Although Progress Reported, Federal Agencies Need to Resolve Significant Deficiencies (GAO-08-496T) (Feb. 14, 2008).
  • Information Technology: VA Has Taken Important Steps to Centralize Control of Its Resources, but Effectiveness Depends on Additional Planned Actions (GAO-08-449T) (Feb. 13, 2008).


  • Information Security: Protecting Personally Identifiable Information (GAO-08-343) (Jan. 25, 2008).
  • Information Security: IRS Needs to Address Pervasive Weaknesses (GAO-08-211) (Jan. 8, 2008).

Other GAO Reports[]

The following entries list GAO Reports in chronological order by year: