Federal Reports

This report contains Sensitive Information and will not be posted.

What We Looked AtGeospatial data--which Federal agencies use to achieve their missions--contain information tied to locations, including geographic location identifiers. Transportation related geospatial data include instrument-flight-rule navigation charts and pipeline inspection boundary maps. In October 2018, Congress passed the Geospatial Data Act (GDA) on the management of the National Spatial Data Infrastructure (NSDI). NSDI has 18 geospatial data themes that cover data used by Federal agencies, including a transportation theme. Section 756 of the GDA requires Federal Geographic Data Committee to identify one or more covered agencies to serve as the lead covered agency for a specific data theme. The act's section 759 sets requirements for covered agencies. As the lead covered agency for the transportation theme, the Department of Transportation (DOT) must address requirements under GDA section 756(b) for the transportation theme, and as a covered agency the requirements under sections 759(a) and 759(b). The act also requires inspectors general of covered agencies to report to Congress once every 2 years on their agencies' geospatial data-related activities. Our audit objective was to assess DOT's progress since our 2020 GDA audit. Specifically, we assessed the Department's progress implementing its responsibilities (1) as a lead covered agency under section 756(b) and (2) as a covered agency under sections 759(a) and 759(b) of the act.What We FoundDOT has made progress complying with lead covered agency requirements. In 2020, DOT met two of the five lead covered agency requirements--information on user needs and theme administration. In 2022, DOT fully meets four requirements and partially meets one--a plan to implement standards for theme data. DOT has also made progress on the 12 applicable covered agency requirements. In 2020, DOT had met 4 of the 12 applicable requirements and in 2022, fully meets 9. The Department has not yet fully complied with the requirements for implementation of a geospatial information system strategic plan, records preparation, and the use of geospatial information. DOT complied with the requirements on annual reporting and maintenance of a geospatial data asset inventory.RecommendationsWe made one recommendation to help DOT comply with the requirements for lead covered agencies in the act's section 756(b). DOT concurred with our recommendation.

What We Looked AtUnmanned Aircraft Systems (UAS), commonly known as “drones,” are rapidly growing in number in the National Airspace System. Currently, there is limited infrastructure available to manage widespread expansion of small UAS operations in low-altitude airspace (below 400 feet) where the Federal Aviation Administration (FAA) does not provide air traffic services. Congress directed FAA to conduct activities that will allow implementation of UAS Traffic Management (UTM), including a UTM Pilot Program. Citing the importance of UAS traffic management, the Ranking Members of the House Committee on Transportation and Infrastructure and its Aviation Subcommittee requested that we evaluate FAA’s efforts to develop and implement UTM, including the pilot program and any interactions FAA has had with other Government agencies. Our objectives were to assess FAA’s (1) progress with UTM development and implementation, including results of its UTM Pilot Program, and (2) collaboration with other Government agencies regarding UTM. What We FoundFAA has made initial progress in developing a UTM framework and testing UTM concepts through the UTM Pilot Program. For example, FAA continues to develop and refine its concept of operations and has deployed some initial UTM capabilities, such as an automated system for authorizing UAS operations near airports. However, FAA has not established milestones for implementing the policies and processes necessary to allow for UTM deployment or finalized how the Agency plans to use the UTM Pilot Program results to inform near-term efforts. While UTM stakeholders stated that the pilot program was successful, they noted common areas of concern with UTM implementation, such as slow progress, the need for additional rules for remotely identifying UAS, and lack of information on next steps. In addition, FAA has not yet completed coordination with other Government agencies. Our RecommendationsFAA concurred with two of our four recommendations to improve FAA’s efforts to develop and implement a UTM and partially concurred with the other two. Based on FAA’s response, we consider all four recommendations resolved but open pending completion of planned actions.

What We Looked AtThis report presents the results of our quality control review (QCR) of an audit of the Department of Transportation’s (DOT) information security program and practices. The Federal Information Security Modernization Act of 2014 (FISMA) requires agencies to develop, implement, and document agencywide information security programs and practices. FISMA also requires inspectors general to conduct annual reviews of their agencies’ information security programs and report the results to the Office of Management and Budget. To meet this requirement, we contracted with CliftonLarsonAllen LLP (CLA) to conduct this audit subject to our oversight. The audit objective was to determine the effectiveness of DOT’s information security program and practices in five function areas—Identify, Protect, Detect, Respond, and Recover. What We FoundOur QCR disclosed no instances in which CLA did not comply, in all material respects, with generally accepted Government auditing standards. Our RecommendationsDOT concurs with all eight of CLA’s recommendations. CLA considers all eight recommendations resolved but open pending completion of planned actions.