Human Capital at High Risk

The federal government has long lacked a consistent approach to human capital management, and that makes it an area prone to problems or failure, according to the Government Accountability Office.

GAO on Wednesday released its biannual "High Risk List," which highlights 30 areas in government that are high risk due to their vulnerabilities to fraud, waste, abuse and mismanagement or are most in need of broad reform. Strategic human capital management has been on GAO's list since 2001.

GAO found that Congress and the executive branch have taken steps to address human capital shortfalls, including implementing new authorities and flexibilities to manage the federal workforce, undertaking an effort to streamline the federal hiring process and integrating telework programs into agency cultures and management plans.

As a result of the progress, auditors narrowed the scope of human capital as a high-risk area. GAO instead urged agencies to focus on the most significant areas to be addressed, including workforce planning, adapting recruiting and hiring strategies to changing workforce needs and effectively measuring key initiatives to address skills gaps.

"The federal government's current budget and long-term fiscal pressures underscore the importance of a strategic and efficient approach to the recruitment, hiring, development and retention of individuals with the needed critical skills," GAO noted.

GAO also flagged protection of the federal government's information systems as high risk, in part because of continuing insider threats from disaffected or careless employees and business partners as well as the ease of obtaining and using hacking tools. Information security has been on the high-risk list since 1997, and in 2003, GAO expanded the high-risk area to include cyber critical infrastructure protection.

Surprisingly, GAO did not mention that increasing the cadre of cybersecurity professionals is key to overcoming this challenge. GAO's 2009 list described increasing the number of cyber professionals as one of 12 key improvements for strengthening information security.