Management Implication Report 24-0014-I, GPO Government Cell Phone Applications

Title Full

Government Publishing Office, Office of the Inspector General, Investigations Division Management Implication Report 24-0014-I, GPO Government Cell Phone Applications

Date Issued

Monday, June 16, 2025

Submitting OIG

Government Publishing Office OIG

Agencies Reviewed/Investigated

Government Publishing Office

Report Number

24-0014-I

Report Description

The GPO OIG Investigations Division investigated GPO-issued cell phones, comparing application data against GPO policy, particularly Section 7, Subsection C, paragraphs 6 and 14 of GPO Directive 825.29E on Internet and Email Policy.

Report Type

Investigation

Agency Wide

Yes

Number of Recommendations

Questioned Costs

Funds for Better Use

Report updated under NDAA 5274

Open Recommendations

This report has 3 open recommendations.

Recommendation Number	Significant Recommendation	Recommended Questioned Costs	Recommended Funds for Better Use
24-0014-I -01	No	$0	$0
Enroll all GPO-issued devices in a Mobile Device Management system capable of controlling application installations, limited to only approved applications, and enforcing policy compliance.
24-0014-I -02	No	$0	$0
While the current annual GPO Cybersecurity Awareness Training highlights the risks of downloading mobile applications, the OIG recommends that the annual training include more information about or greater emphasis on the prohibition of downloading personal or non-GPO software on GPO-issued mobile devices.
24-0014-I -03	No	$0	$0
Current GPO IT policy strictly prohibits application downloads. GPO should consider updating IT policies to more clearly define the scope of acceptable and prohibited uses, including establishing a “whitelist” of approved applications. The updated policy should better delineate reasonable personal use, use while off-duty, and the consequences for violations, to include loss of network access or mobile phone use.