What We Did:
The objective of this evaluation was to determine the extent to which the Secretary of Defense and other DoD personnel complied with DoD policies and procedures for the use of the Signal commercial messaging application (Signal) for official business. Additionally, we reviewed compliance with classification and record retention requirements.
What We Found:
At 2054 EDT on March 14, 2025, approximately 17 hours before the beginning of the March 15 strikes, the Commander of the U.S. Central Command (USCENTCOM) sent an email classified SECRET and not releasable to foreign nationals (SECRET//NOFORN) to the attention of the Secretary and the Acting Chairman of the Joint Chiefs of Staff. This email provided operational details and updates to senior DoD leadership, including detailed information on the means and timing of the strikes. We determined that, based on the content of the email, USCENTCOM personnel classified the email consistent with Executive Order 13526 and the USCENTCOM security classification guide.
What We Recommend:
We recommend that the Chief of the USCENTCOM Special Security Office review the command’s classification procedures for compliance with DoD Manual 5200.01, Volume 2, and issue additional procedures, as necessary, to ensure proper portion marking of classified information. We are not making any additional recommendations in this report. Our report, “Evaluation of DoD Policy and Oversight Reports Related to Using Non–DoD-Controlled Electronic Messaging Systems to Conduct Official Business,” (DODIG-2026-022) recommended that the DoD improve training for senior DoD officials on the proper use of electronic devices. Once implemented and adhered to, the corrective actions would comply with information security and recordkeeping requirements.