(CNN) - More than a year after President Obama called for improved national cybersecurity, only two of his recommendations have been fully implemented and the remaining 22 have been only partially implemented, a federal audit said Thursday.
Delays stem from federal agencies "moving slowly because they have not been assigned roles and responsibilities," the Government Accountability Office report said. Also, the position of a new cybersecurity policy official was vacant for seven months, auditors said.
Most of the recommendations also failed to have milestones and plans for implementation, the report found.
"Consequently, until roles and responsibilities are made clear and the schedule and planning shortfalls identified above are adequately addressed, there is increased risk the recommendations will not be successfully completed, which would unnecessarily place the country's cyber infrastructure at risk," the report said.