Inspector General Robert P. Storch announced today that the Department of Defense Office of Inspector General (DoD OIG) released a special report on the “Review of DoD OIG-Issued Reports Related to Protecting Classified Information.” The classified report highlights lessons learned and best practices related to cyber and physical security weaknesses identified in previously issued audit and evaluation reports.
From 2013 to 2023, the DoD OIG issued 31 audit, 22 evaluation, and two special reports that included a total of 690 recommendations regarding DoD programs, policies, and procedures related to DoD cybersecurity, operations and physical security, information security, personnel security, and insider threat programs. Of the 690 recommendations made over the past decade, 185, or just over one quarter, remained open as of May 2023.
IG Storch stated, “The DoD OIG has continuously identified cyber and physical security threats, including insider threats, as a Top DoD Management and Performance Challenge. The DoD should take timely action to address the 185recommendations that remain open because their implementation can significantly strengthen the DoD’s security posture and improve its ability to protect classified information.”
In addition to developing this report, the DoD OIG has met proactively on several occasions with Office of the Under Secretary of Defense for Intelligence and Security senior leadership to proactively discuss trends and issues related to cyber and physical security risk areas that the DoD OIG identified in prior audits and evaluations.
The report is classified and available to appropriately cleared individuals with a need to know upon request. For further information on this report, please submit a Freedom of Information Act request.