March 13, 2020

Followup Audit on Corrective Actions Taken by DoD Components in Response to DoD Cyber Red Team-Identified Vulnerabilities and Additional Challenges Facing DoD Cyber Red Team Missions (DODIG-2020-067)

Publicly Released: March 17, 2020

The objective of this followup audit was to determine whether DoD Cyber Red Teams and DoD Components took actions to correct problems identified in Report No. DODIG-2013-035, "Better Reporting and Certification Processes Can Improve Red Teams' Effectiveness," December 21, 2012. In addition, we determined whether DoD Cyber Red Teams supported operational testing and combatant command exercises to identify network vulnerabilities, threats, and other security weaknesses affecting DoD systems, networks, and facilities, and whether corrective actions were taken to address DoD Cyber Red Team findings. We also assessed risks affecting the ability of DoD Cyber Red Teams to support DoD missions and priorities.

March 12, 2020

Project Announcement: Termination of the Audit of the DoD's Response To and Recovery from Cyber Incidents (Project No. D2019-D000CU-0041.000)

We announced the subject audit on April 2, 2019, (attached). The objective was to determine whether the DoD was adequately responding to and recovering from cyber incidents to mitigate adverse operational and technical impacts in accordance with Federal and DoD guidance. We are terminating this audit because continuing with the project would mean duplicating the work of another team and represent inefficient use of DoD OIG resources. We appreciate the courtesies extended to the staff during the audit.

March 4, 2020

Response to Congress House Report 116-120, to accompany the National Defense Authorization Act for FY2020, “Measure Officer Accountability”

On March 4, 2020, the DoD OIG provided a response to the Chairman and Ranking Member of the House Armed Services Committee and on a reporting requirement contained in House Report 116-120.

March 4, 2020

Project Announcement: Oversight of the Audit of the FY 2020 DoD Medicare-Eligible Retiree Health Care Fund Financial Statements (Project No. D2020-D000FT-0090.000)

We plan to begin the project immediately. We contracted with the independent public accounting firm of Kearney & Company, P.C., to audit the DoD Medicare-Eligible Retiree Health Care Fund Financial Statements for the fiscal years ending September 30, 2020, and September 30, 2019. Kearney & Company’s objective is to determine whether the FY 2020 DoD Medicare-Eligible Retiree Health Care Fund Financial Statements and related notes are presented fairly and in conformity with accounting principles generally accepted in the United States.

March 2, 2020

Audit of DoD Supply Chain Risk Management Program for Nuclear Command, Control and Communication Systems (DODIG-2020-066)

The report is Classified. To file a Freedom of Information Act request, please submit a request to FOIA Online.

Feb. 26, 2020

Project Announcement: Audit of the Defense Health Agency’s Controls Over Health Records of HighProfile DoD Personnel (Project No. D2020-D000AW-0037.000)

We plan to begin the subject audit in February 2020. The objective of this audit is to determine whether the Defense Health Agency effectively controlled access to health records of high-profile DoD personnel, according to the Health Insurance Portability and Accountability Act of 1996 (HIPAA). We may revise the objective as the audit proceeds, and we will also consider suggestions from management for additional or revised objectives.

Feb. 25, 2020

Evaluation of Combined Joint Task Force—Operation Inherent Resolve’s Military Information Support Operations (DODIG-2020-065)

Publicly Released: February 27, 2020

The objective of this evaluation was to determine whether the Combined Joint Task Force-Operation Inherent Resolve (CJTF-OIR) planned and executed military information support operations (MISO) in accordance with joint doctrine, and coordinated its OIR messaging efforts and planned the transition of its messaging responsibilities with allies, the host nation, and the U.S. Department of State (DOS).

Feb. 24, 2020

Project Announcement: Joint Audit of the Department of Defense and Department of Veterans Affairs Efforts to Achieve Electronic Health Record Interoperability (DoD OIG Project No. D2020-D000CR-0092.000)

The Department of Defense (DoD) Office of Inspector General and the Department of Veterans Affairs (VA) Office of Inspector General plan to begin the subject joint audit in February 2020. The objective of this joint audit is to determine the extent to which the actions taken by the DoD and VA in acquiring and implementing a common, commercial electronic health record system and supporting architecture will achieve interoperability among the Departments and with external health care providers.

Feb. 24, 2020

Project Announcement: Termination of the Audit of DoD Military Health System Interoperability With Health Care Systems of the Department of Veterans Affairs and External Health Care Providers (Project No. D2019-D000CR-0156.000)

We announced the subject audit on June 26, 2019, (attached). The objective was to determine whether the DoD is developing standards and implementing controls to provide interoperability between the health care systems of the DoD, Department of Veterans Affairs, and external health care providers. We are terminating this audit because we plan to conduct a joint audit with the Department of Veterans Affairs, Office of Inspector General on actions taken by the Departments to achieve interoperability.

Feb. 21, 2020

Evaluation of DoD Law Enforcement Organization Submissions of Criminal History Information to the Federal Bureau of Investigation (DODIG-2020-064)

Publicly Released: February 25, 2020

The objective of our evaluation was to determine whether the DoD and its law enforcement organizations (LEOs) complied with Federal law and DoD policy for submitting the following DoD criminal history information to the Federal Bureau of Investigation (FBI) for entry into its criminal history databases.