Report | Jan. 11, 2021

Project Announcement: Audit of DoD’s Implementation of the Cybersecurity Information Sharing Act of 2015 (Project No. D2021-D000CU-0078.000)


We plan to begin the subject audit in January 2021. We are conducting this audit as mandated by the Cybersecurity Information Sharing Act of 2015 (CISA). CISA requires the Inspectors General of seven Federal entities—the Departments of Commerce, Defense, Energy, Homeland Security, Justice, and Treasury, and the Office of the Director of National Intelligence—to jointly report to Congress no later than 2 years after the enactment date of CISA, and once every 2 years thereafter, on the actions of the Executive branch of the U.S. Government to carry out CISA requirements. The objective of this joint audit is to assess DoD actions taken in 2019 and 2020 to implement CISA requirements (attached). The Inspectors General will submit an unclassified, interagency report to Congress by December 2021. We may revise the objective as the audit proceeds, and we will also consider suggestions from management for additional or revised objectives.