In its latest look at how the State Department manages itself, the Government Accountability Office found State has made a lot of progress against a long list of recommendations. But a few biggies, like embassy construction and cybersecurity, still need some real attention. Joining Federal Drive with Tom Temin for the rundown was the GAO’s Director of International Affairs and Trade Issues, Jason Bair.
Insight by Galvanize: During this webinar Marianne Roth, the chief risk officer of the Consumer Financial Protection Bureau, will provide a deep dive into enterprise risk management at CFPB. Additionally, Dan Zitting, the CEO of Galvanize, will discuss how making better use of data and technology can help federal agencies more rapidly allow decision makers address and mitigate risks.
Tom Temin: Jason, good to have you back.
Jason Bair: Hey, it’s great to talk to you Tom.
Tom Temin: And give us the big picture here. It turns out that State Department is a little ahead of the government as a whole in getting after the long list of issues that GAO regularly kind of bird-dogs everybody on.
Jason Bair: Yeah, absolutely. So as you might imagine, GAO makes hundreds of recommendations every year to federal agencies and departments, and we tracked those recommendations over the course of four years. And of course, we’d like all those recommendations to be implemented, because we think they would improve the operations and efficiency of federal agencies. And what we found at the end of last year was when we look back over the last four years government wide, about 77% of our recommendations had been implemented. But when we did the calculation specifically for the State Department, like you said, they were just ahead of the game, about 79% of the recommendations we’d made four years ago had been implemented.
Tom Temin: Alright. So they’re a little bit ahead, but they do have some problems, areas that still need some attention, and you kind of divided them into six basic buckets. If you would just run briefly through what each of those is.
Jason Bair: Yeah, absolutely. And just to be clear here, what we’re talking about are the areas that we think are the highest priority. So we’ve got several dozen recommendations that are to the State Department for their implementation. But like you said, we really wanted to focus the attention of the senior levels of the department in six key areas. So the first is about security assistance, vetting. The second is about improving the quality of the data that they put out on foreign assistance. The third is about improving the management of their workforce, which is a critical component of the State Department. Next, we talked about improving the transparency of their embassy construction planning process, as well as focusing on cybersecurity and making sure that they are addressing the variety of cybersecurity risks that are important. And then last but not least, they do need to do better at complying with some congressional reporting requirements.
Tom Temin: And that first one, improving the security assistance vetting process, that has to do with making sure that foreign aid is administered through the State Department doesn’t go to evildoers basically, correct?
Jason Bair: As you know, we give billions of dollars in security assistance to foreign partners all across the globe. And the issue that we really honed in on several years ago was the need to have a global policy about making sure that we’re vetting the forces who are getting equipment for us to make sure that they haven’t committed human rights violations.
Tom Temin: Okay. And I wanted to zero in on cybersecurity. That seems to be the federal topic of the day. It’s the one area where the new, for example, budget proposal from the Biden administration has a lot of detail because it’s kind of vague in some other areas., but it’s pretty clear about cybersecurity. What is State Department’s bouquet of issues that they need to deal with with respect to cyber?
Jason Bair: Yeah, so Tom, you’re totally right. I mean, this is kind of the issue of the day. And frankly, it’s not just a federal issue, the private sector, individuals, federal government, and especially the State Department face a whole variety of cybersecurity threats, and we’re on record as saying the entire government really needs to have an implemented national cybersecurity strategy. With specific regard to the State Department, we’ve honed in on three specific areas. The first is really focused on kind of a workforce issue, because as much as we think about cybersecurity as a technical capabilities issue, there’s a really critical human capital component too, and we think they need to have the data and information available to them about what their cybersecurity workforce looks like so that they can identify gaps and make sure that they’re putting in place the workforce that they need. The second is doing a better job of integrating enterprise risk management, which is kind of the broad look at what’s the set of risks that an agency faces into the cybersecurity risks and getting those cybersecurity risks documented as an important part of that process. Because of course, we all clearly see that when you have a cybersecurity incident, it can impact your ability to perform your mission. The third and probably most recent area that we’ve honed in on here is the State Department understands and acknowledges that moving forward, it’s going to be important to have international norms on things like cybersecurity and emerging technologies. And so they embarked on a plan to develop a brand new bureau within the State Department that would focus on those issues. And while they do coordinate with other agency partners on these issues, what we found was that they didn’t do a good job of engaging with those partners, whether they be in the law enforcement community or on the technical side of things, to make sure that they got their input on what this new bureau needed to have in terms of capabilities, and how they needed to be organized. And without doing that, they did put themselves at risk for unnecessary duplication or fragmentation potentially of work.
Tom Temin: And did they generally agree with you on those points?
Jason Bair: So on two of those three, the first two I mentioned, they did agree. They actually disagreed with our recommendation they needed to do a better job of engaging with their stakeholders. I will say we made that almost a year ago during the previous administration, so we are an ongoing conversations with the current administration about their posture and their particular approach to handling the set of issues. And we’ll continue to monitor that.
Tom Temin: We’re speaking with Jason Bair, director of international affairs and trade issues at the Government Accountability Office. And briefly, the issue of overseas embassy construction transparency, the State Department, as I understand it, is about halfway through its 20 or 25 year process for replacing most of the embassies around the world. What are the big issues there?
Jason Bair: Great question. And you’re right, following the bombings in Kenya and Tanzania in the late 90s, the State Department embarked on a really large program to replace a number of embassies to improve their security efficiency and a whole variety of other things. What we’ve honed in on here is a part of the planning process that we think is really important, because it is one a significant amount of money. And two, as you already pointed out, i’s going to take a long time, it’s important for them to factor in the impact of inflation, because we are looking at long timeframes. The impact of inflation is magnified over time, they need to make sure that they’re factoring in inflation for not only their cost estimates, but what impact is going to have on their timeframes. And they need to be transparent about that in their budget requests and the information that they provide to other stakeholders.
Tom Temin: And they agree with you on that one too?
Jason Bair: Yes, they’re in the process of developing that in their FY 21 budget, I haven’t looked at the FY 22 one yet. But in the FY 21 budget, they did, at least factor it into the numbers, but we think they need to do some increased transparency about how that works.
Tom Temin: And we should point out, they have built some really great new embassies in the last few years.
Jason Bair: Yeah, some of the embassy architecture really is frankly, award winning. And as they’re moving people into more secure facilities, that is an important part of what they’re trying to do here. So that’s all really, really great progress.
Tom Temin: And there is a lot in your report. But I did want to make sure we talked about improving workforce management, because ultimately that’s what everything is all about in some sense. And what are the main recommendations or the open issues with respect to how State does manage its workforce?
Jason Bair: Yeah, you’re right. And in many ways, the State Department workforce is incredibly talented, and they are quite literally representing the United States to the rest of the world, so we think it is critically important to pay attention to those issues. We have a couple of issues that are related to hardship pay. So as you might imagine, there are US diplomats posted abroad who got additional pay for serving in places like Iraq or Afghanistan, where their physical security is in danger. But there are diplomats in a lot of other countries posted around the world that get hardship pay because of environmental pollution, or a lack of access to high quality medical care, things like that. And so State Department spends $100 million or more on those hardship pay allowances. And we think they need to do a better job kind of staying on top of those, making sure that they’re starting them and stopping them at the appropriate times. But I think the second area that we’ve really honed in on in the last year and a half, with regard to workforce management, is diversity. This is a long standing issue at the State Department. And frankly, we were on record in the 1980s identifying some of the issues related especially to the senior levels at the State Department and the lack of diversity there. In our most recent report, we identified issues related to promotions, there were disparate impacts on promotions based on certain racial or ethnic groups. And so what we’ve really recommended is that State Department do more work to try to get at identifying barriers to equal opportunity in their workforce. And what we’re really trying to do is get them to understand what are the root causes here, because understanding the root causes is critically important to coming up with long term durable solutions. You might be able to come up with an idea which sounds really good, but if it’s not attacking the root cause of the issue, you’re probably not going to have a long term impact on it. And so that’s what we’re encouraging the State Department to do. And frankly, we’re encouraged by the things, frankly, from the secretary on down, that we’ve heard over the last six months in terms of their personal commitment to these things, as evidenced by the fact that for the first time ever, the State Department has a chief diversity officer. So we’re on an ongoing conversations with them about that. We’re continuing to monitor it and they seem like they’re on the right path.
Tom Temin: Jason Bair is director of international affairs and trade issues at the Government Accountability Office. Thanks so much.
Jason Bair: Thank you, it’s great to talk.