Pick Up After Your DOGE Act

This bill orders a deep check of certain federal computer systems to make sure they are safe. First, the head of the U.S. DOGE Service must list every federal agency where DOGE teams or their helpers accessed systems or data, and send that list to Congress and the Government Accountability Office (GAO) within 30 days . Then GAO must start audits within 60 days to find security weaknesses in systems touched by the DOGE Service or its affiliates, with early focus on Social Security, Health and Human Services/CMS, and Treasury/IRS . GAO must deliver initial results in one year for those key agencies and finish the rest within two years. After an agency gets an audit report, it has 90 days to fix the problems and update Congress on its progress .

In practice, this aims to protect people’s personal data at major agencies by finding and fixing software bugs quickly. It also increases transparency about who accessed government systems and when .

• Who: Federal agencies, especially Social Security, HHS/CMS, and Treasury/IRS; GAO; U.S. DOGE Service
• What: Report all DOGE-related system access; launch security audits; fix any found vulnerabilities within 90 days; report status to Congress
• When: 30 days for the access report; 60 days to start audits; 1 year for initial audit results; 2 years for final results; 90 days for fixes after each audit report