We recommend that the GSA Administrator strengthen controls to ensure that: (a) TAA-compliant products are prioritized during future procurements; (b) TAA contracting officer determinations are adequately reviewed prior to approval, including any comparisons or market research performed; (c) head of contracting activity non-availability determinations are obtained prior to procuring TAA-noncompliant products; and (d) information technology equipment is being updated in a timely manner to reduce the risk of overlooking identified vulnerabilities.