This management advisory provides recommendations related to the DoD Office of Inspector General’s review of the DoD’s compliance with the Federal Information Security Modernization Act of 2014 (FISMA), which we announced on December 11, 2023 (Project No. D2024‑D000CP‑0043.000). However, the results in this management advisory do not fully represent all the requirements for each metric or the DoD’s overall FISMA rating. We conducted work on this management advisory from December 2023 through January 2025 with integrity, objectivity, and independence, as required by the Council of the Inspectors General on Integrity and Efficiency’s Quality Standards for Federal Offices of Inspector General.