Audit of Department of State FY 2024 Compliance With the Geospatial Data Act of 2018

What OIG Audited 
The Geospatial Data Act of 2018 (GDA) requires federal agencies that collect, produce, acquire, maintain, distribute, use, or preserve geospatial data to comply with certain requirements. The GDA is designed to promote geospatial data sharing and to encourage the use of existing geospatial data when possible. Among other things, the GDA requires covered agencies, including the Department of State (Department), to comply with 13 requirements that each covered agency must implement. The GDA also requires inspectors general to audit covered agencies’ compliance with the GDA every 2 years.  

The Office of Inspector General (OIG) conducted this audit to determine whether the Department, defined as a covered agency in the GDA, complied with the 13 covered agency responsibilities in accordance with Section 759(a) of the GDA, codified at 43 United States Code § 2808(a).  

What OIG Recommends 
OIG made seven recommendations to address the deficiencies identified in this report. Based on the Bureau of Intelligence and Research’s (INR) response to a draft of this report, OIG considers the seven recommendations resolved, pending further action. A synopsis of INR’s comments to the recommendations offered and OIG’s reply follow each recommendation in the Audit Results section of this report. The response received from INR is included in its entirety in Appendix C. 

What OIG Found 
The Department continues to make progress implementing the 13 covered agency requirements from the GDA, but improvements are needed to achieve full compliance. OIG found that the Department had fully complied with 2 of 13 covered agency requirements. Specifically, the Department developed a Geospatial Data Strategy and appointed the Department’s Geographer to lead the Department’s efforts to implement the GDA. However, the Department had not fully implemented the remaining 11 covered agency requirements. Although several bureaus and offices that regularly collect, use, maintain, and disseminate geospatial data have existing practices that may assist in the Department’s implementation of GDA requirements, the Department must address its responsibilities Departmentwide rather than at the component level to achieve full compliance with each GDA requirement.   

The Department had not fully complied with all GDA requirements, in part, because it did not clearly identify what qualified as geospatial data for purposes of compliance with the GDA. In addition, the Department did not maintain a geospatial data inventory as required by the GDA. The Department also lacked overarching policies, procedures, and guidance; instead, bureaus followed informal or general practices to carry out many GDA responsibilities. Additionally, the Department provided insufficient oversight to ensure that bureaus were meeting their GDA responsibilities. Furthermore, the Department did not clearly define roles and responsibilities related to the GDA and lacked a comprehensive, long-term funding plan to facilitate compliance with its GDA responsibilities. Finally, the Department did not ensure that geospatial data and activities were included on records disposition schedules.    

As a result, the Department is susceptible to inefficient and ineffective management of geospatial assets, which increases the risk of inconsistent efforts or the inability to minimize the costs to acquire, manage, share, and use geospatial data, expertise, technology, and services.