Aug. 15, 2016
DoD's Policies, Procedures, and Practices for Information Security Management of Covered Systems (Redacted)
We summarized DoD’s policies, procedures, and practices related to implementing logical access controls, conducting software inventories, implementing information security management, and monitoring and detecting data exfiltration and other cyber threats. We also assessed whether DoD Components followed logical access control policies, procedures, and practices. The DoD Office of Inspector General prepared this report in response to the requirements of the Cybersecurity Act of 2015, section 406, December 18, 2015.