The purpose of this memorandum is to notify you that we are initiating the subject audit. The objective of this audit is to assess the progress made by the Department of the Air Force in mitigating the Defense Critical Infrastructure (DCI) cybersecurity vulnerabilities identified during DoD assessments conducted in response to Section 1650 of the NDAA for FY 2017. We may revise the objective as the audit proceeds, and we will also consider suggestions from management for additional or revised objectives. We plan to perform this audit in accordance with the Government Accountability Office’s generally accepted government auditing standards. This audit is the second in a planned series of audits that addresses the DoD’s ability to protect DCI against cyber vulnerabilities.