The CyberCorps Scholarship for Service Program—managed by the National Science Foundation (NSF), Office of Personnel Management (OPM), and Department of Homeland Security (DHS)—requires recipients to work in government jobs for a period of time after graduation.
The Government Accountability Office (GAO) has found that NSF and OPM fully complied with 13 legal requirements for managing the program and partially complied with six. The government watchdog also found that NSF has not yet implemented a strategy to effectively manage risks and challenges, such as ensuring recipients meet their service obligation.
GAO has previously reported that federal agencies faced challenges in ensuring that they have an effective cybersecurity workforce. What is now known as the CyberCorps Scholarship for Service Program—operated by NSF in conjunction with OPM and DHS—was established in 2000 to increase the supply of new government cybersecurity employees. Since its inception, NSF reports that the program has awarded about $621 million in scholarships to over 4,707 recipients.
The CyberCorps Scholarship for Service Program provides participating institutions of higher education with scholarships to students in approved IT and cybersecurity fields of study. As a condition of receiving scholarships, students are required to enter agreements to work in qualifying full-time jobs upon graduation for a period equal in length to their scholarship.
The partially complied with requirements include the following:
- Scholarship recipients are required to provide OPM with annual verifiable documentation of post-award employment. OPM officials acknowledge that recipients provide verifiable employment documentation and up-to-date contact information only at the beginning and end of the service commitment period, rather than annually as required by law.
- NSF is required to periodically report on program performance, including how long scholarship recipients stay in the positions they enter after graduation. OPM attempts to answer this by surveying recipients. However, GAO said recipient response rates ranging from 32 to 50 percent do not yield reliable and complete results.
- GAO is making three recommendations to NSF and two to OPM to comply with legal requirements and implement a risk management strategy. Both agencies agreed with GAO’s recommendations.