The Government Accountability Office (GAO) recently issued two reports evaluating the effectiveness of the National Archives in overseeing the government-wide management of records, and in implementing its own internal security controls.
The first GAO report, titled
“Oversight and Management Improvements Initiated but More Action Needed,” found that the National Archives has been more proactive in carrying out its records management oversight responsibilities. For example, NARA has conducted its first government-wide records management self-assessment survey, resumed agency inspections after a long gap, and expanded its reporting (including giving more complete information about specific agencies).
However, the GAO found shortcomings in these initiatives. For example, the GAO felt NARA’s efforts to validate self-reported survey data were limited, as were its plans for conducting inspections of agency records management.
The second GAO report, titled, “National Archives and Records Administration Needs to Implement Key Program Elements and Controls,” found that “significant weaknesses pervade its systems.” GAO sharply criticized NARA for not implementing necessary information security controls to prevent, limit and detect unauthorized access to its computers, programs, information and facilities.
Archivist of the United States David S. Ferriero issued a statement in response to the GAO reports. Ferriero stated, “I welcome these audits by GAO and I appreciate that the reports made some helpful recommendations and acknowledged the strides of improvement this agency has been making over the last year. I also agree with GAO that more work needs to be done, both internally at the Archives and across the records management community in the Federal government.”