About | HeinOnline Law Journal Library | HeinOnline Law Journal Library | HeinOnline
LOG IN
LOG IN

GAO-25-108054 1 (2025-06-20)

handle is hein.gao/ptyopercms0001 and id is 1 raw text is: GAO U.S. GOVERNMENT ACCOUNTABILITY OFFICE 441 G St. N.W. Comptroller General Washington, DC 20548 of the United States June 20, 2025 The Honorable Sean Duffy Secretary of Transportation U.S. Department of Transportation 1200 New Jersey Avenue, S.E. Washington, DC 20590 Priority Open Recommendations: Department of Transportation Dear Secretary Duffy: Congratulations on your appointment. The purpose of this letter is to call your personal attention to four areas based on GAO's past work and 21 open priority recommendations, which are enclosed.1 Additionally, there are 177 other GAO open recommendations that we will continue to work with your staff to address. We are highlighting the following areas that warrant your timely and focused attention. Specifically: Managing Cybersecurity Risks and Information Technology (IT). The security and privacy of our nation's transportation systems are vital to public safety and national security. These critical infrastructure systems depend on IT systems and electronic data to operate and to process, maintain, and report essential information. As such, the areas of ensuring the cybersecurity of the nation and improving IT acquisitions and management have been on our High-Risk List for over 25 years and 10 years, respectively. Accordingly, we have made numerous recommendations to DOT to enhance cybersecurity and address challenges with its systems. Specifically, DOT should fully develop a cybersecurity risk management strategy that includes how it intends to assess, respond to, and monitor risks and complete its IT workforce planning activities. In addition, DOT should address the risks of its aging air traffic control systems. Taking these actions is crucial to protect and strengthen our transportation systems. With respect to challenges with aging air traffic control systems, we found that the Federal Aviation Administration (FAA) has been slow to modernize its most critical and at-risk systems and has not consistently provided oversight of air traffic control modernization investments. To ensure the safety and efficiency of the national airspace, we recommended that FAA report to Congress on how it is mitigating the risks of all unsustainable and critical air traffic control systems that are identified in its annual operational risk assessments. We also recommended that FAA establish a time frame for developing and implementing guidance to increase oversight 1GAO considers a recommendation to be a priority if, when implemented, it may significantly improve government operations, for example, by realizing large dollar savings; eliminating mismanagement, fraud, and abuse; or making progress toward addressing a high-risk or duplication issue. GAO-25-108054 DOT Priority Recommendations Page 1

What Is HeinOnline?

HeinOnline is a subscription-based resource containing thousands of academic and legal journals from inception; complete coverage of government documents such as U.S. Statutes at Large, U.S. Code, Federal Register, Code of Federal Regulations, U.S. Reports, and much more. Documents are image-based, fully searchable PDFs with the authority of print combined with the accessibility of a user-friendly and powerful database. For more information, request a quote or trial for your organization below.



Contact us for annual subscription options:

Contact Us

Already a HeinOnline Subscriber?

Log In

profiles profiles most