The Government Accountability Office has issued many recommendations for how the Office of Personnel Management can improve its management of the federal workforce, but the agency has been slow to put in place changes that would address those problems.

“In November 2018, we reported that on a governmentwide basis 77 percent of our recommendations made 4 years ago were implemented. OPM’s recommendation implementation rate was about 38 percent,” Gene L. Dodaro, comptroller general of the United States, wrote in an April 3 letter to OPM acting Director Margaret Weichert.

“As of April 2019, OPM had 89 open recommendations. Fully implementing these open recommendations could significantly improve OPM’s operations.”

According to a GAO report publicly released April 10, OPM currently has high-priority open recommendations across seven topic areas: mission critical skills gaps; delivering missions under constrained resources; improving federal classification systems; making hiring and special pay authorities more effective; improving enterprise human resource integration payroll data; addressing employee misconduct and performance management; and strengthening controls over IT systems.

Issues under OPM’s purview have also appeared on the GAO high-risk list, which identifies the areas of government operations that are most vulnerable to fraud, waste, abuse and mismanagement.

“One of our high-risk areas, strategic human capital management, centers directly on OPM,” Dodaro wrote.

“Several other governmentwide high-risk areas also have direct implications for OPM and its operations. These include (1) the governmentwide security clearance process, (2) ensuring cybersecurity of the nation, and (3) improving management of information technology acquisitions and operations. We urge your attention to these OPM and governmentwide high-risk issues as they relate to OPM.”

The high-priority categories include 18 recommendations for OPM:

  1. Establish a schedule specifying when OPM will modify its EHRI database to capture staffing data that it currently collects from agencies;
  2. Work with the Chief Human Capital Officer Council to develop a core set of metrics that all agencies should use as part of their HRstat data-driven reviews;
  3. Work with the CHCO Council to explore using governmentwide solutions to address human capital challenges;
  4. Explore ways to make the General Schedule more consistent with the attributes of a modern, effective classification system, and potentially develop a legislative proposal on the topic;
  5. Explore whether agency-specific pay and hiring authorities could be expanded or consolidated with the authorities of other agencies;
  6. Track governmentwide data to establish a baseline and analyze the extent to which the seven Title 5 special payment authorities are effective in improving employee recruitment and retention;
  7. Improve the availability of EHRI data to promote open data initiatives;
  8. Monitor system-generated error and edit check reports on the EHRI and ensure that timely action is taken to address identified issues;
  9. Disseminate promising practices and lessons learned in employee management;
  10. Provide guidance to agencies to enhance the training received by managers, supervisors and human capital staff to ensure that they have the guidance and technical assistance they need to effectively address misconduct and maximize the productivity of their workforces;
  11. Regularly update the performance management website to include all available guidance and resources;
  12. Provide agencies with a mechanism to independently share best practices and lessons learned in human capital management;
  13. Develop a strategic approach for identifying and sharing emerging research and innovations in performance management;
  14. Update security plans for IT systems to ensure that all controls for high-impact systems are addressed;
  15. Provide specialized training for individuals who perform significant security work;
  16. Re-evaluate security control assessments to ensure that they comprehensively test technical controls;
  17. Improve the timeliness of validating evidence associated with actions taken to address the United States Computer Emergency Readiness Team recommendations; and
  18. Develop and implement role-based training requirements for staff using continuous diagnostics and mitigation tools.