What GAO Found Generative artificial intelligence (AI) systems create outputs using algorithms, which are often trained on text and images obtained from the internet. Technological advancements in the underlying systems and architecture, combined with the open availability of AI tools to the public, have led to widespread use. The Department of Veterans Affairs (VA) increased its number of AI use cases between 2023 and 2024. VA has also identified challenges in using AI—such as difficulty complying with federal policies and guidance, having sufficient technical resources and budget, acquiring generative AI tools, hiring and developing an AI workforce, and securing sensitive data. GAO has identified a framework of key practices to help ensure accountability and responsible AI use by federal agencies—including VA—in the design, development, deployment, and continuous monitoring of AI systems. VA and other agencies can use this framework as they consider, select, and implement AI systems (see figure). Figure: GAO’s Artificial Intelligence (AI) Accountability Framework VA’s use of the AI accountability framework along with a solid foundation of IT management and AI use cases could enable the department to better position itself to support ongoing and future work involving the technology. Why GAO Did This Study Developments in generative AI—which can create text, images, audio, video, and other content when prompted by a user—have revolutionized how the technology can be used in many industries, including healthcare, and at federal agencies including VA. AI is a transformative technology for government operations, but it also poses unique challenges because the source of information used by AI systems may not always be clear or accurate. These challenges may be difficult for federal agencies including VA to overcome. In prior reports, GAO found that VA has experienced longstanding challenges in managing its IT projects and programs. This raises questions about the efficiency and effectiveness of its operations and its ability to deliver intended outcomes needed to help advance the department’s mission. GAO’s statement describes (1) VA’s AI use and challenges, and (2) principles and key practices for federal agencies that are considering implementing AI. GAO summarized a prior report that described VA’s use of AI. GAO also summarized key practices for federal agencies and other entities that are considering implementing AI systems.

What GAO Found The Department of Defense’s (DOD) Transportation Command (TRANSCOM) awarded its Global Household Goods Contract (GHC) in 2021 with the goal of improving both service members’ experiences with military moves and the government’s ability to oversee quality service. TRANSCOM intended to fully transition the household goods shipment and storage aspects of its Defense Personal Property Program to the contract. Various challenges delayed contract implementation initially, but limited GHC shipments began in April 2024. According to TRANSCOM, as GHC shipment volume and geographic coverage increased, the contractor faced limits in its capacity to manage the higher volumes, which resulted in missed or delayed pickups and deliveries. Citing continuous performance challenges, the Secretary of Defense directed the creation of a Permanent Change of Station Joint Task Force in May 2025 to develop recommendations for DOD's strategic path forward for the program. DOD ultimately terminated the GHC in June 2025. Military Service Member Move TRANSCOM did not have sufficient, comprehensive information about GHC (1) capacity, (2) performance, and (3) costs to effectively manage risks and oversee contract implementation. TRANSCOM officials had identified capacity constraints as a risk to the GHC before implementation, but they had only limited information on the contractor’s capacity and could not verify that information. DOD lacked comprehensive feedback on service members’ experiences with the GHC, limiting its assessment of contractor performance. Respondents to GAO’s survey of service members and spouses reported inadequate communication with the contractor’s customer service representatives about the status of their shipments and delays in multiple phases of the moving process. TRANSCOM did not have complete information regarding costs associated with the GHC transition; DOD incurred unplanned transition costs, paid management fees for task orders ultimately not carried out by the contractor, and lacked clarity on how GHC costs compared to existing program costs. By obtaining more comprehensive information on program capacity, performance, and costs, DOD will be better positioned to manage risks and oversee the program effectively as it develops its strategic path forward. Why GAO Did This Study DOD arranges for the worldwide movement and storage of about 300,000 personal property shipments of service members and their families each year, at an annual cost of approximately $2 billion. As a result of dissatisfaction with its relocation program, TRANSCOM awarded the GHC, worth up to $17.9 billion over approximately 9 years, to a single commercial move manager in November 2021. However, DOD terminated the contract in June 2025 due to the contractor’s failure to perform services specified in the terms and conditions of the contract. The House report accompanying a bill for the Servicemember Quality of Life Improvement and National Defense Authorization Act for Fiscal Year 2025 included a provision for GAO to review DOD’s management and oversight of the GHC. This report (1) describes DOD’s implementation of the GHC and (2) assesses the extent to which DOD had the information needed to effectively oversee contract implementation. GAO reviewed the GHC and implementation plans, DOD guidance, and acquisition regulations; interviewed DOD officials and performed two site visits; and surveyed service members and spouses on their experiences with GHC moves. GAO met with moving industry and contractor representatives and reviewed capacity, performance, and cost information.

What GAO Found In August 2025, GAO found that Tribes continue to experience barriers to accessing loan guarantees and direct loans from the Department of Energy’s (DOE) Tribal Energy Financing Program (TEFP) (GAO-25-107441). These barriers make it harder for Tribes to develop energy resources on tribal lands, causing them to miss opportunities to generate important revenue and jobs. The barriers GAO found relate to (1) aspects of TEFP’s design that have restrictions that can discourage tribal participation, and (2) complex and unclear agency processes that can derail applications. This testimony summarizes several of these barriers. TEFP design. Two aspects of TEFP’s design that GAO identified are the limited assistance available to help Tribes develop projects and due diligence fees that can be high and unpredictable. For example, tribal applicants are required to cover the costs of the outside lawyers and technical experts that DOE hires to review projects. Tribes may avoid applying for the program until DOE revises its review processes to reduce or eliminate the cost. Agency processes. The application process is long and complex, and guidance is unclear. DOE also has few program staff with tribal experience to review applications, which can lengthen reviews and create additional costs for Tribes. Given ongoing changes to the program (e.g., loss of staff), DOE streamlining program processes and ensuring there are designated program staff with appropriate knowledge of tribal energy finance to review applications is particularly important. Without taking these steps, Tribes may continue to experience barriers to securing TEFP financing, limiting their ability to develop their own energy resources. In addition to discussing barriers, GAO also provided information on the status of applications to TEFP. Specifically, since its first solicitation in 2018, TEFP has received 20 applications for loans and loan guarantees for various project types and amounts. Requests ranged from $23.7 million for a solar project to $8.7 billion for an ammonia production facility for low-carbon fuel. DOE’s Loan Programs Office, which manages TEFP, has closed one loan guarantee and no loans. According to DOE officials, seven of the other 19 applications were active as of July 18, 2025. Why GAO Did This Study Tribes can get important economic benefits from energy projects on their lands, such as revenue for government operations. DOE’s TEFP offers loans and loan guarantees for such projects. However, barriers to accessing these loans and loans guarantees can limit Tribes’ development of untapped energy resources on tribal lands. This testimony provides information on DOE tribal energy financing. It is based on GAO-25-107441, a report about the status, design, and implementation of DOE’s TEFP. To identify and describe these barriers, GAO reviewed laws, regulations, and program guidance and other agency documents. GAO also interviewed DOE officials, 12 potential TEFP participants, and five tribal energy stakeholders.

What GAO Found In September 2025, GAO identified 13 open recommendations under the purview of the Department of the Interior's Chief Information Officer (CIO), including two that are relevant to component-level CIOs, from previously issued work. Each of these recommendations relates to a GAO High-Risk area: (1) Ensuring the Cybersecurity of the Nation or (2) Improving IT Acquisitions and Management. In addition, GAO has designated one of the 13 as a priority recommendation. For example, GAO previously recommended that Interior fully implement all cybersecurity event logging requirements as directed by the Office of Management and Budget. Further, GAO recommended that Interior implement leading practices in executive-level IT governance for major IT investments. GAO also previously recommended that the department complete annual reviews of its IT portfolio consistent with federal requirements. The CIO's continued attention to these recommendations will help ensure the secure and effective use of IT at the department. Why GAO Did This Study CIO open recommendations are outstanding GAO recommendations that warrant the attention of agency CIOs because their implementation could significantly improve government IT operations by securing IT systems, identifying cost savings, improving major government programs, eliminating mismanagement of IT programs and processes, or ensuring that IT programs comply with laws, among others. For more information, contact Nick Marinos at marinosn@gao.gov.

Why This Matters Agents are AI systems that can not only create content but also operate autonomously to accomplish complex tasks and make instantaneous decisions in response to changing conditions. Agents have the potential to reshape the workplace, with advocates emphasizing that agents could increase efficiency in areas such as data entry and resource management. However, policymakers are concerned about the potential for misuse and unintended consequences, as well as job displacement resulting from agent implementation. Key Takeaways Current AI agents are limited to specific purposes, such as software development and autonomous vehicles. As AI becomes more agentic, it will be able to accomplish more complex tasks across various fields. Policymakers face questions about how to prevent misuse and unintended consequences of AI agents. The Technology What is it? Agentic artificial intelligence (AI) builds upon the capabilities of generative AI to not just create content, but also to make and adjust plans when the actions required to accomplish a goal are not clearly defined by a user. Unlike generative AI, AI agents can interact with their environment to perform tasks for users. For example, while a customer service generative AI system can respond to order status inquiries, an AI agent could interact with other software systems to process a return or exchange, or other complex customer issues. There is no universally agreed upon definition of an AI agent. However, there are properties that can help determine AI systems that are more agentic (see fig. 1). Figure 1. Properties that Characterize AI Systems as More Agentic How does it work? AI agents collect data, evaluate the data, and then take action. Sense. Agents collect data from their environment. For example, self-driving vehicles use sensors to scan their surroundings for obstacles such as pedestrians, and customer service AI agents collect text or voice inputs. Process. Agents rely on algorithms, models, and rules to evaluate inputs, process data, and determine the next course of action. For example, a self-driving vehicle processes data collected from its surroundings to plan a safe path to a destination. Act. Agents take action to achieve a goal based on their analysis, such as steering a vehicle or handling customer service requests, like ordering replacement parts. How mature is it? Current AI agents are used in specific areas such as software development, customer service, and autonomous vehicles. However, a study found that the best performing AI agent tested was only able to autonomously perform about 30 percent of software development tasks to completion. Developers are working on future agents that will be less limited to specific areas and will accomplish tasks across various fields. One organization anticipates that future AI agents may make at least 15 percent of day-to-day work decisions by 2028. Opportunities Operations management. AI agents may help automate complex business operations. For example, an AI agent could manage inventory, staff schedules, and equipment status to automatically schedule maintenance and repairs. Workplace productivity. AI agents could increase productivity by autonomously handling routine actions such as data entry or customer support. Natural hazard response. AI agents could enhance efforts to respond to natural disasters, including wildfires. For example, drones with agentic AI could autonomously navigate to and monitor the spread of wildfires. Challenges Unintended consequences and oversight. AI agents could misinterpret a user’s goal or take unethical actions to achieve a goal. In one test, for example, AI agents tried to blackmail humans to avoid being shut down. Without sufficient oversight, mistakes or unintended consequences could go undetected. Misuse. AI agents could be used as tools by malicious actors for disinformation, cyberattacks, and other illicit activities. Further, AI agents might be given access to personal data, making them useful for hackers or others seeking to invade privacy. Testing and evaluation. Many existing methods for evaluating AI performance are not appropriate for testing AI agents because these methods do not consider how agents interact with other systems in their environment. Potential job displacement. Research on employment impact is limited, however researchers found that while AI can increase the productivity of some workers, it may also result in the displacement of others. Policy Context and Questions How should AI agent performance be evaluated prior to implementation? What monitoring and oversight mechanisms could be established to ensure that AI agents are performing as expected and to detect any unintended consequences? What are the implications of AI agents on the workforce, including any potential job loss? Selected GAO Work Artificial Intelligence: Generative AI Training, Development, and Deployment Considerations, GAO-25-107651. Smart Cities: Technologies and Policy Options to Enhance Services and Transparency, GAO-25-107019. Selected Reference Helen Toner et al., “Through the Chat Window and into the Real World: Preparing for AI Agents” (Center for Security and Emerging Technology, Oct. 2024). http://cset.georgetown.edu/publication/ through-the-chat-window-and-into-the-real-world-preparing-for-ai-agents/  For more information, contact Sarah Harvey at HarveyS@gao.gov.

What GAO Found In September 2025, GAO identified 82 open recommendations under the purview of the Department of Health and Human Services (HHS) Chief Information Officer (CIO), including 37 that are sensitive and 49 that are relevant to component-level CIOs, from previously issued work. Each of these recommendations relates to a GAO High-Risk area: (1) Ensuring the Cybersecurity of the Nation or (2) Improving IT Acquisitions and Management. In addition, GAO has designated one of the 82 as a priority recommendation. For example, GAO previously recommended that HHS complete its covered Internet of Things inventory within the revised time frame it had proposed. Further, GAO previously recommended that HHS develop a work plan that includes specific actions that can be completed to show progress in developing a public health situational awareness network. GAO also previously recommended that the department establish a reasonable time frame for when it will be able to digitally accept access and consent forms from individuals who were properly identity proofed and authenticated, and post those forms on the department's privacy program website. The CIO's continued attention to these recommendations will help ensure the secure and effective use of IT at the department. Why GAO Did This Study CIO open recommendations are outstanding GAO recommendations that warrant the attention of agency CIOs because their implementation could significantly improve government IT operations by securing IT systems, identifying cost savings, improving major government programs, eliminating mismanagement of IT programs and processes, or ensuring that IT programs comply with laws, among others. For more information, contact Nick Marinos at marinosn@gao.gov.

What GAO Found In September 2025, GAO identified 34 open recommendations under the purview of the Department of Transportation's Chief Information Officer (CIO), including 14 that are sensitive and 14 that are relevant to a component-level CIO, from previously issued work. Each of these recommendations relates to a GAO High-Risk area: (1) Ensuring the Cybersecurity of the Nation and (2) Improving IT Acquisitions and Management. In addition, GAO has designated two of the 34 as priority recommendations. For example, GAO previously recommended that the Department of Transportation develop a cybersecurity risk management strategy to protect the department against cyber threats. GAO also recommended that the department develop a department-wide comprehensive policy for the management of software licenses to determine its most widely used software applications and opportunities for cost savings. The CIO's continued attention to these recommendations will help ensure the secure and effective use of IT at the department. Why GAO Did This Study CIO open recommendations are outstanding GAO recommendations that warrant the attention of agency CIOs because their implementation could significantly improve government IT operations by securing IT systems, identifying cost savings, improving major government programs, eliminating mismanagement of IT programs and processes, or ensuring that IT programs comply with laws, among others. For more information, contact Nick Marinos at marinosn@gao.gov.

What GAO Found Military-affiliated people—including active-duty service members, reservists, transitioning service members, veterans, and military and veteran spouses—may face challenges building credit and accessing capital to fund their small businesses. For example, veterans who relocate to a new area after military service can have difficulty establishing credit and developing business relationships. Officials told us military-affiliated people may also face limited access to mentors and professional networks that can help their businesses. Military-affiliated people can access financial literacy programs and resources through federal agencies including the Department of Defense (DOD), the Department of Veterans Affairs (VA), and the Small Business Administration (SBA). These resources provide help with managing personal or business finances, and tips for avoiding fraud and scams. Federal Financial Literacy Programs and Resources Targeted to Military-Affiliated People or Small Business Owners Military-affiliated people can access capital for small businesses through various private funding sources and federal lending programs. Private sources include self-funding, investors, and business loans. However, according to self-reported responses in the 2024 Small Business Credit Survey, veteran business owners reported facing challenges obtaining financing from large banks, such as high interest rates and difficult application processes. Federal lending options include SBA’s 7(a) program and Department of Agriculture loans for agricultural businesses. SBA lending to veteran-owned businesses generally increased from fiscal year 2019 through fiscal year 2024. Federal agencies raise awareness of financial literacy and lending programs for military-affiliated people through in-person and virtual presentations, networking events, and the use of social media and websites. For example, SBA’s Office of Veterans Business Development conducted more than 100 presentations annually in fiscal years 2023 and 2024. Agencies such as SBA and DOD have online tools, including program-specific webpages, to improve access to financial education and loan information. Why GAO Did This Study Military-affiliated people play a vital role in the nation’s economy, including through veteran-owned businesses. According to the Census Bureau’s 2023 Annual Business Survey, veteran-owned businesses had an estimated $884.5 billion in receipts, 3.2 million employees, and $179.7 billion in annual payroll in 2022. GAO was asked to review financial literacy and lending resources for military-affiliated people. This report examines (1) challenges military-affiliated people may face in building credit or accessing capital to fund their small businesses, (2) federal financial literacy resources available to them, (3) sources of capital available to them, and (4) agency efforts to raise awareness among this population about financial literacy and lending programs. GAO interviewed or received written comments from nine agencies, including SBA, VA, and DOD, selected based on prior work, or because they serve the military community. GAO analyzed participation and usage data for financial literacy programs for fiscal years 2019–2023. GAO reviewed national small business survey data from the Census Bureau for 2023 and the Federal Reserve Banks for 2024, the most recent available. GAO also reviewed small business lending data from SBA and Department of Agriculture for 2019–2024, the most recent available. In addition, GAO interviewed or received written comments from representatives of four nonprofit organizations and five financial services firms, selected for their work with military-affiliated people and their businesses. For more information, contact Courtney LaFountain at lafountainc@gao.gov.

What GAO Found The Air Force has developed planning documents for the transition from Minuteman III to Sentinel but has not developed a risk management plan. The transition was planned to begin in fiscal year 2025, but those plans are on hold while the Department of Defense (DOD) restructures the Sentinel program. The Air Force developed an overarching transition strategy and a site transition plan for F.E. Warren Air Force Base in Wyoming, the first base scheduled to convert to Sentinel. However, the Air Force has not yet developed a transition risk management plan, a leading project planning practice. A detailed risk management plan would help the Air Force establish an organized, methodical way to identify, assess, and respond to the myriad risks, and better position the Air Force for a successful transition from Minuteman III to Sentinel. While the Air Force has taken some actions to prepare operators, maintainers, and security forces for the transition, the Air Force has not developed a schedule for construction of a Sentinel test facility. The test facility is necessary early in the transition as part of a multistep process to revise policy and instructions that will be needed to prepare security forces for the transition and concurrent operation of Minuteman III and Sentinel. Air Force Missile Maintainer in a Missile Training Silo in Montana, March 2025 DOD is assessing options to meet strategic deterrent requirements during the transition, but delays require prolonged operation of Minuteman III. Air Force officials are assessing options to potentially operate Minuteman III through 2050. However, prolonged operation presents sustainment risks. Addressing these risks in a transition risk management plan would help ensure the intercontinental ballistic missile (ICBM) system meets requirements during the transition. This is a public version of a classified report that GAO issued in April 2025. This public version omits some information on plans and capabilities, the Sentinel test facility, and strategic deterrent requirements DOD deemed to be sensitive or classified. Why GAO Did This Study The U.S. has operated the land-based Minuteman III ICBM system for over 50 years, well past the original intended service life of 10 years. The system includes more than 600 facilities, including 450 missile silos, across five states. The replacement system, Sentinel, faces critical cost overruns and schedule delays. The Air Force must continue to operate and maintain the aging Minuteman III system to meet U.S. strategic deterrent requirements until Sentinel is fully fielded. A report accompanying a bill for the National Defense Authorization Act for Fiscal Year 2024 includes a provision for GAO to review the Air Force’s planning for the transition from Minuteman III to Sentinel ICBM. This report addresses the extent to which the Air Force (1) planned for the transition and concurrent operation of Minuteman III to Sentinel, (2) developed plans to prepare operators, maintainers, and security forces for the transition, and (3) developed plans to meet strategic deterrent requirements during the transition. GAO collected and reviewed relevant documents and interviewed DOD and Air Force officials about transition planning efforts.

What GAO Found The Department of Education’s Office of Federal Student Aid (FSA) manages the Free Application for Federal Student Aid (FAFSA), which students and parents submit to determine a student’s eligibility for receiving financial aid. The FAFSA Processing System (FPS)—the system that underpins federal student aid—processes these applications (see figure). Overview of the Free Application for Federal Student Aid (FAFSA) Process In September 2024, GAO testified that nine of the 25 contractual requirements that defined FPS were not deployed. Examples of the nine requirements not yet deployed included allowing FSA to (1) make corrections to FAFSA applications and (2) modify eligibility rules and requirements. Education officials had stated that these remaining requirements would be deployed by 2026. However, as of May 2025, Education was unable to provide the status of the complete system. FSA officials said they could not readily provide the status because they were no longer tracking requirements. This raises questions about FSA ensuring required work under the contract is being performed. Further doubts about contract oversight surfaced when GAO determined that FSA was not validating contractor performance data. Although FSA had established processes for monitoring contractor performance, it did not fully implement them. In addition, FSA could not demonstrate that contracting officer’s representatives and project management staff had complied with certification requirements. The agency also did not ensure key acquisition staff had specialized training related to the systems development methodology used to develop FPS. Testing of IT systems is critically important. Although leading practices highlight the importance of thoroughly testing IT systems prior to deployment, FSA did not fully apply these practices. For example, test cases—used to determine whether an application, system, or system feature is working as intended—lacked information that would allow for traceability to underlying requirements. Contributing to this lack of traceability was the absence of agency guidance on what information to include in a test case. In addition, FSA does not have a plan to guide future FPS user testing efforts. This increases the risk that testing will be incomplete and inconsistently executed. Overall, such testing shortfalls can lead to the discovery of significant system deficiencies when deployment occurs. Why GAO Did This Study In December 2023, FSA, the largest provider of student financial aid in the nation, deployed a new system with limited functionality to process student aid applications. However, the system—FPS—had availability issues, recurring errors, and long wait times that affected students’ ability to receive aid. Since then, FSA has continued to work to deploy additional functionality. Among other things, this report addresses the extent to which FSA conducted selected contract oversight activities and applied leading systems testing practices. GAO examined how FSA tracked the contractor’s progress in meeting contract requirements and compared FSA actions to established contract oversight processes and agency standards. GAO also identified key contract oversight staff for FPS and compared federal certification and training requirements against relevant documentation for these staff. In addition, GAO compared the actions taken by FSA to leading practices for system testing.

What GAO Found Based on GAO’s analysis, none of the policies established by the management and operating (M&O) contractors operating National Nuclear Security Administration (NNSA) sites met or substantially met all 12 steps for developing a reliable cost estimate for fixed-price construction subcontracts. GAO's cost estimating guide established these 12 steps, which reflect commercial best practices to help agencies develop comprehensive, well documented, accurate, and credible cost estimates. Specifically, of the seven M&O contractors who operated NNSA sites during the period of our review, the policies of four M&O contractors met or substantially met most of the steps, but the policies of the remaining three contractors only met or substantially met a few steps. M&O contractors generally underestimated the costs associated with fixed-price construction subcontracts. Specifically, based on GAO’s analysis of 252 fixed-price construction subcontracts completed during fiscal year (FY) 2023, their combined final (or actual) costs exceeded the contractors’ initial cost estimates by more than $37 million, or 14 percent (see fig.). Most of these cost increases occurred after the M&O contractors had already awarded these subcontracts. Fixed-price subcontracts provide for a price that is firm or adjustable (based on specific contract terms), and other adjustments are at the expense of the subcontractor. According to contractor representatives, cost increases can occur for multiple reasons after the award of a fixed-price subcontract, including for expansions of the project’s scope or unanticipated expenses. In such cases, increased costs may be borne by both NNSA and subcontractor. Estimated and Actual Costs of Fixed-Price Construction Subcontracts Completed in Fiscal Year 2023 NNSA oversees the cost estimating policies of its M&O contractors for fixed-price construction subcontracts to a limited extent. For example, according to Department of Energy (DOE) acquisition regulations, contractor purchasing systems—which include policies for conducting cost estimates of fixed-price subcontracts—should identify and apply commercial best practices. In addition, according to DOE guidance, NNSA is to review contractor purchasing systems at least every 6 years. NNSA has approved all its M&O contractors’ purchasing systems but has not ensured that its M&O contractors’ policies are substantially meeting all 12 steps for developing a reliable cost estimate. By ensuring M&O contractors’ cost estimation policies incorporate commercial best practices consistent with GAO’s cost estimating guide, NNSA would have greater assurance that contractors’ cost estimates are more reliable for realistic program planning, budgeting, and management. Why GAO Did This Study NNSA spends millions of dollars on hundreds of construction projects each year to maintain and modernize the research and production infrastructure at its eight nuclear security enterprise sites. NNSA relies on M&O contractors at its sites to manage the day-to-day activities associated with these construction projects. For less costly projects, M&O contractors may use fixed-price subcontracts to procure the services of subcontractors. The report accompanying the Senate bill for the National Defense Authorization Act for FY 2024 includes a provision for GAO to review NNSA’s use of fixed-price construction subcontracts. This report examines (1) the extent to which M&O contractor policies for estimating the costs of fixed-price subcontracts followed best practices, (2) the performance of M&O contractors in estimating costs, and (3) the extent to which NNSA oversees the cost estimating policies of its M&O contractors. To do this work, GAO reviewed relevant regulations and DOE and NNSA directives and guidance on estimating costs for fixed-price construction subcontracts. GAO also analyzed contractor documentation and cost estimation data, and interviewed NNSA officials and M&O contractor representatives.

What GAO Found In June 2025, GAO identified three priority recommendations for the Office of the National Cyber Director (ONCD). These three recommendations involve the following area: Improving cybersecurity. Implementing these priority recommendations could help ONCD more effectively carry out its leadership responsibilities needed to ensure the cybersecurity of the nation. Why GAO Did This Study Priority recommendations are the GAO recommendations that have not been implemented and warrant attention from heads of key departments or agencies because their implementation could save large amounts of money; improve congressional or executive branch decision-making on major issues; eliminate mismanagement, fraud, and abuse; or ensure that programs comply with laws and funds are legally spent, among other benefits. Since 2015, GAO has sent letters to selected agencies to highlight the importance of implementing such recommendations. For more information, contact Nick Marinos at marinosn@gao.gov.

Why This Matters The Centers for Medicare & Medicaid Services (CMS) makes national coverage determinations to grant, limit, or exclude coverage for medical items and services for 68 million Medicare beneficiaries. CMS follows an evidence-based process to determine whether items are reasonable and necessary for prevention, diagnosis, or treatment of an illness or other condition. GAO Key Takeaways Requests for national coverage determinations can be made by health providers, organizations, the public or internally by CMS. CMS reviews the requests and prioritizes the analyses to make coverage determinations. CMS met specified time frames of 9 or 12 months for 83 percent (44 of 53) of the analyses it made determinations for from October 2012 through February 2025. The remaining nine took an additional 6 to 351 days to finalize. We found the agency did not systematically identify the causes of delays when it did not meet specified time frames. Doing so would allow CMS to better monitor its performance and improve timely analyses, which, in some cases, could help Medicare beneficiaries access new or enhanced evidence-based items and services. According to CMS officials, the agency works with contractors to help mitigate workload and staffing constraint challenges. Additionally, stakeholders cited challenges related to varied frequencies of CMS’s communication about the status of their requests and a lack of transparency about the criteria the agency uses to prioritize requests. CMS officials said they are creating an internal database that would provide requesters with routine updates, but the agency has not made public the criteria used to prioritize requests, leading to stakeholder concerns about transparency. Example of a Cardiac Pacemaker How GAO Did This Study We reviewed CMS’s Medicare coverage process and other documentation. We also compiled coverage analyses data to report on CMS’s ability to meet specified time frames, among other things. We interviewed officials from CMS and other agencies, and requesters and public commenters, who have taken part in the process.

What GAO Found Executive Order (EO) 14008, issued in 2021 and revoked in January 2025, directed federal agencies to take action to address the disproportionately high and adverse human health, environmental, climate-related, and other cumulative impacts on "disadvantaged communities." Specifically, the EO established the goal that 40 percent of the overall benefits of certain federal investments flow to such communities. Benefits could include, for example, improved health, lower home energy costs, or restored wetlands. The EO referred to this all-of-government effort as the Justice40 Initiative. The initiative did not itself create programs or provide funding. In January 2025, EO 14008 was revoked, thereby terminating the Justice40 Initiative. As of December 2024, the Environmental Protection Agency (EPA), Department of the Interior, and U.S. Department of Agriculture (USDA) had taken actions to implement the Justice40 Initiative. These actions included integrating related goals and strategies into agency plans, taking steps to address barriers underserved communities face in accessing federal programs, issuing internal guidance, and modifying programs covered by the Justice40 Initiative. For example, in 2022 EPA issued guidance directing the 28 National Estuary Programs receiving funding through the Infrastructure Investment and Jobs Act to create a strategy describing how the funds would be used to increase benefits to disadvantaged communities, as well as how those benefits would be tracked. The agencies also conducted outreach to Tribes, community groups, state and local governments, businesses, and the public to inform these efforts. For example, in 2022 USDA established an Equity Commission that identified barriers to inclusion or access to USDA programs. USDA then took steps to address those barriers, such as by publishing a guide to help underserved farmers, ranchers, and forest landowners better understand and access programs and resources available to them. The three agencies also took preliminary steps to assess the results of their actions to implement the initiative. These steps included identifying data needed to evaluate barriers to and progress toward the Justice40 goal, and reporting on some programs' funding to and impacts on underserved communities. For example, Interior reported that as of fiscal year 2024 approximately 44 percent of the more than 9,600 abandoned oil and gas wells plugged by state and local partners with funding from Interior's Orphaned Wells Program were in disadvantaged communities. With the termination of the initiative in January 2025, the overall results of agency actions remain unknown. According to GAO's review of agency and Office of Management and Budget (OMB) materials, by December 2024 EPA, Interior, USDA, and OMB had not reported on what benefits resulted from each program, how those benefits were measured, or what the overall amount of funding or benefits was delivered to disadvantaged communities. Further, as of December 2024, neither the three agencies nor OMB had reported any assessments of agency actions to implement the initiative. The three agencies faced a variety of challenges identifying and measuring benefits across programs that operate at various geographic and time scales—benefits that may be difficult to attribute or quantify and may take years to manifest. Why GAO Did This Study Federal agencies were tasked with implementing the Justice40 Initiative for their programs—including those established by the Inflation Reduction Act of 2022 (IRA) and Infrastructure Investment and Jobs Act—that made investments in certain areas, such as clean transit and training and workforce development. By November 2023, 19 agencies had identified 518 programs that made qualifying investments, such as grants and loans, to Tribes, states, individuals, organizations, and other entities. According to the Executive Office of the President's 2023 Environmental Justice Scorecard, Congress appropriated approximately $618 billion total for the programs for fiscal years 2022 through 2027, including supplemental appropriations such as the IRA. The IRA included a provision for us to support oversight of the distribution and use of funds appropriated under the IRA and whether the economic, social, and environmental impacts of those funds are equitable. We were also asked, prior to the initiative's termination, to review implementation of the Justice40 Initiative. This report provides information on the actions that three of the agencies with the most covered programs had taken, as of December 2024, to implement the initiative and related efforts, as well as steps they had taken to assess those actions. The three agencies GAO examined are EPA, Interior, and USDA. This report also provides information on how OMB had used the agencies' data on Justice40 implementation as of December 2024, prior to the initiative's termination in January 2025. GAO reviewed documents from and interviewed officials and staff at EPA, Interior, USDA, and OMB to understand the actions each had taken as of December 2024 to implement and assess the Justice40 Initiative. For more information, contact J. Alfredo Gómez at gomezj@gao.gov.

What GAO Found Federal laws, executive orders (EO), and related guidance include various artificial intelligence (AI)-related requirements for agencies. Federal offices and agencies are charged with adhering to AI-related requirements. GAO identified 94 AI-related requirements that were government-wide or had government-wide implications (e.g., the General Services Administration is required to create an AI Center of Excellence which affects the entire federal government). See figure for a summary of the requirements. Summary of Artficial Intelligence (AI) Requirements Identified in Federal Laws, Executive Orders, and Guidance, as of July 2025 Ten executive branch oversight and advisory groups have a role in the implementation and oversight of AI in the federal government, including the National AI Advisory Committee and National AI Initiative Office. Why GAO Did This Study AI holds substantial promise for improving the operations of government agencies. This report describes (1) federal agencies’ current AI-related requirements in law, executive orders, and guidance; and (2) the roles and responsibilities of AI oversight and advisory groups.  To address the first objective, GAO identified agency requirements regarding the implementation of AI in federal laws, EOs, and guidance. GAO selected requirements that (1) were current (i.e., those with ongoing or forthcoming deliverables) and (2) were government-wide in scope or had government-wide implications. To address the second objective, GAO reviewed laws and EOs to identify federal AI oversight and advisory groups. GAO also reviewed laws, EOs, agency documentation, and organization charters to identify and describe the roles and responsibilities of these AI oversight and advisory groups. For more information, contact Kevin Walsh at walshk@gao.gov.

What GAO Found GAO independently identified three broad categories for the objectives of U.S. sanctions and export controls on Russia (see figure). U.S. agencies have made progress toward these objectives, but Russia has circumvented some U.S. sanctions and export controls. Specifically, GAO found that Russia's economic growth was about 6 percentage points lower in 2022 than what might have happened absent the events in 2022, including the invasion of Ukraine and sanctions. However, GAO's analysis did not find that economic growth was statistically different than expected in 2023 and 2024. A price cap on Russian oil likely kept Russian oil production and exports relatively stable but Russian actions, such as the use of a “shadow fleet” to export oil, limited the cap's efficacy. U.S. agencies assess that export controls have hindered but not completely prevented Russia's efforts to obtain U.S. military technologies. While U.S. agencies have taken various actions to hold malign Russian actors accountable, including freezing assets, the agencies reported challenges in assessing their effectiveness. GAO-Identified Categories for the Objectives of U.S. Sanctions and Export Controls on Russia U.S. agencies primarily responsible for implementing sanctions and export controls on Russia have not established clearly defined objectives linked to measurable outcomes with targets for their activities. As a result, agencies cannot fully assess progress towards achieving their objectives, thus limiting the U.S. government's ability to determine the effectiveness of its broader sanctions and export controls efforts related to Russia. This information is crucial for improving current efforts and informing the future use of sanctions and export controls. As of September 30, 2024, U.S. agencies had obligated about $164 million in Ukraine supplemental funding for activities related to sanctions and export controls on Russia. These agencies used this funding for staff and investigative tools, among other uses. For example, a Department of State bureau used supplemental funding to increase the size of its workforce dedicated to identifying Russian sanctions targets. GAO found that two State bureaus have not assessed risks to these sanctions activities when their supplemental funding expires on September 30, 2025. As a result, the bureaus cannot develop an effective plan to sustain or restructure these activities, threatening broader goals. Why GAO Did This Study The U.S. and its allies responded to Russia's 2022 invasion of Ukraine with wide-ranging sanctions and export controls, including a price cap on Russian oil. U.S. agencies received additional resources under Ukraine supplemental appropriations acts, some of which they used for sanctions and export controls. Congress included a provision in Public Law 117-328 for GAO to conduct oversight of Ukraine supplemental funding. For U.S. sanctions and export controls related to Russia's invasion of Ukraine, this report examines progress toward objectives and the extent to which U.S. agencies have established objectives with measurable outcomes and assessed risks to activities funded by supplemental resources, among other objectives. GAO analyzed agency documents and data, performed economic analyses, reviewed relevant literature, interviewed agency officials, and selected and interviewed 11 knowledgeable stakeholders, including former government officials and economists. GAO selected these stakeholders based on their expertise related to sanctions or export controls.