The IT Law Wiki

The following are the GAO reports published in 2020 that are discussed in this wiki (in reverse chronological order). Those reports that have already been summarized are in blue; those that have not yet been summarized are in red.

[NOTE: GAO Reports are often updated; many are updated multiple times. The links below are to the most recent version of the Report.]


  • Information Technology: DOD Software Development Approaches and Cybersecurity Practices May Impact Cost and Schedule (GAO-21-182) (Dec. 23, 2020).
  • Automated Technologies: DOT Should Take Steps to Ensure Its Workforce Has Skills Needed to Oversee Safety (GAO-21-197) (Dec. 18, 2020).
  • Data Governance: Agencies Made Progress in Establishing Governance, but Need to Address Key Milestones (GAO-21-152) (Dec. 16, 2020).
  • Information Technology: Federal Agencies Need to Take Urgent Action to Manage Supply Chain Risks (GAO-21-171) (Dec. 15, 2020).
  • Electromagnetic Spectrum Operations: DOD Needs to Address Governance and Oversight Issues to Help Ensure Superiority (GAO-21-64) (Dec. 10, 2020).
  • 2020 Census: The Bureau Concluded Field Work but Uncertainty about Data Quality, Accuracy, and Protection Remains (GAO-21-206R) (Dec. 9, 2020).
  • 2020 Census: Census Bureau Needs to Assess Data Quality Concerns Stemming from Recent Design Changes (GAO-21-142) (Dec 3, 2020).
  • 2020 Census: Census Bureau Needs to Ensure Transparency over Data Quality (GAO-21-262T) (Dec. 3, 2020).


  • Defense Acquisitions: Joint Cyber Warfighting Architecture Would Benefit from Defined Goals and Governance (GAO-21-68) (Nov. 19, 2020).
  • Defense Intelligence: Comprehensive Plan Needed to Improve Stakeholder Engagement in the Development of New Military Intelligence System (GAO-21-57) (Nov. 19, 2020.
  • Federal Telework: Key Practices That Can Help Ensure the Success of Telework Programs (GAO-21-238T) (Nov. 18, 2020).


  • Consumer Privacy: Better Disclosures Needed on Information Sharing by Banks and Credit Unions (GAO-21-36) (Oct. 22, 2020).
  • Biomedical Research: NIH Should Publicly Report More Information about the Licensing of Its Intellectual Property (GAO-21-52) (Oct. 22, 2020).
  • Aviation Cybersecurity: FAA Should Fully Implement Key Practices to Strengthen Its Oversight of Avionics Risks (GAO-21-86) (Oct. 9, 2020).
  • Open Data: Agencies Need Guidance to Establish Comprehensive Data Inventories; Information on Their Progress is Limited (GAO-21-29) (Oct. 8, 2020).
  • Information Technology: IRS Needs to Address Operational Challenges and Opportunities to Improve Management (GAO-21-178T) (Oct. 7, 2020).
  • National Security: Additional Actions Needed to Ensure Effectiveness of 5G Strategy (GAO-21-155R) (Oct. 7, 2020).
  • Telecommunications: FCC Should Enhance Performance Goals and Measures for Its Program to Support Broadband Service in High-Cost Areas (GAO-21-24) (Oct. 1, 2020).


  • Agile Assessment Guide: Best Practices for Agile Adoption and Implementation (GAO-20-590G) (Sept. 28, 2020).
  • Intellectual Property: CBP Has Taken Steps to Combat Counterfeit Goods in Small Packages but Could Streamline Enforcement (GAO-20-692) (Sept. 24, 2020).
  • Cyber Diplomacy: State Has Not Involved Relevant Federal Agencies in the Development of Its Plan to Establish the Cyberspace Security and Emerging Technologies Bureau (GAO-20-607R) (Sept. 22, 2020).
  • Cybersecurity: Clarity of Leadership Urgently Needed to Fully Implement the National Strategy (GAO-20-629) (Sept. 22, 2020).
  • Information Security and Privacy: HUD Needs a Major Effort to Protect Data Shared with External Entities (GAO-20-431) (Sept. 21, 2020).
  • Critical Infrastructure Protection: Treasury Needs to Improve Tracking of Financial Sector Cybersecurity Risk Mitigation Efforts (GAO-20-631) (Sept 17, 2020).
  • Veteran Affairs: VA Needs to Address Persistent IT Modernization and Cybersecurity Challenges (GAO-20-719T) (Sept. 16, 2020).
  • Data Security: Recent K-12 Data Breaches Show That Students Are Vulnerable to Harm (GAO-20-644) (Sept. 15, 2020).
  • Medicaid Information Technology: Effective CMS Oversight and States' Sharing of Claims Processing and Information Retrieval Systems Can Reduce Costs GAO-20-179; Sept. 9, 2020.
  • Facial Recognition: CBP and TSA are Taking Steps to Implement Programs, but CBP Should Address Privacy and System Performance Issues (GAO-20-568) (Sept. 2, 2020).


  • Social Security Contracting: Relevant Guidance Should Be Revised to Reflect the Role of Contracting Personnel in Software Development (GAO-20-627) (July 31, 2020).
  • Intellectual Property: Additional Agency Actions Can Improve Assistance to Small Businesses and Inventors (GAO-20-556) (Aug. 27, 2020).
  • Cybersecurity: DHS and Selected Agencies Need to Address Shortcomings in Implementation of Network Monitoring Program (GAO-20-598) (Aug. 18, 2020).



  • Broadband: Observations on Past and Ongoing Efforts to Expand Access and Improve Mapping Data (GAO-20-535) (June 25, 2020).
  • Electronic Health Records: Ongoing Stakeholder Involvement Needed in the Department of Veterans Affairs' Modernization Effort (GAO-20-473) (June 5, 2020).
  • Agile Software Development: DHS Has Made Significant Progress in Implementing Leading Practices, but Needs to Take Additional Actions (GAO-20-213) (Jun 1, 2020).
  • Internet Protocol Version 6: DOD Needs to Improve Transition Planning (GAO-20-402) (June 1, 2020).



  • Cybersecurity: DOD Needs to Take Decisive Actions to Improve Cyber Hygiene (GAO-20-241) (Apr 13, 2020).
  • Telecommunications and Call Centers: Observations on Federal Contracting Practices (GAO-20-291) (Apr. 13, 2020).


  • Science & Tech Spotlight: 5G Wireless (GAO-20-421SP) (Reissued with revisions on Mar. 27, 2020).
  • Information Security: FCC Made Significant Progress, but Needs to Address Remaining Control Deficiencies and Improve Its Program (GAO-20-265) (Mar. 25, 2020).
  • Freedom of Information Act: Federal Agencies' Recent Implementation Efforts (GAO-20-406R) (Mar. 11, 2020).
  • Business Systems Modernization: DOD Has Made Progress in Addressing Recommendations to Improve IT Management, but More Action Is Needed (GAO-20-253) (Mar. 5, 2020).
  • Data Center Optimization: Agencies Report Progress, but Oversight and Cybersecurity Risks Need to Be Addressed (GAO-20-279) (Mar. 5, 2020).


  • Information Management: Selected Agencies Need to Fully Address Federal Electronic Recordkeeping Requirements (

GAO-20-59) (Feb. 27, 2020).

  • Science & Tech Spotlight: Deepfakes (GAO-20-379SP) (Feb. 20, 2020).
  • Virtuala Currencies: Additional Information Reporting and Clarified Guidance Could Improve Tax Compliance (GAO-20-188) (Feb. 12, 2020).
  • Office of Congressional Workplace Rights: Weaknesses in Cybersecurity Management and Oversight Need to Be Addressed (GAO-20-199) (Feb. 11, 2020).
  • Information Technology: DHS Directives Have Strengthened Federal Cybersecurity, but Improvements Are Needed (GAO-20-133) (Feb. 4, 2020).


  • Artificial Intelligence in Health Care Benefits and Challenges of Machine Learning in Drug Development (GAO-20-215SP) (Dec. 20, 2019) [reissued with revisions on Jan. 31, 2020].
  • Innovative Technologies in Manufacturing: Commerce Has Stopped Efforts to Implement Loan Guarantee Program (GAO-20-326R) (Jan. 28, 2020).
  • James Webb Space Telescope: Technical Challenges Have Caused Schedule Strain and May Increase Costs (GAO-20-224) (Jan. 28, 2020).
  • Public-Saftey Broadcast Network: Network Deployment Is Progressing, but FirstNet Could Strengthen Its Oversight (GAO-20-346) (Jan. 27, 2020).

Other GAO Reports[]

The following entries list GAO Reports in chronological order by year: