Pentagon Audit Uncovers Cybersecurity Issues

The U.S Department of Defense recently completed its first audit, which covered some $2.7 trillion in assets.  By law, all government agencies are required to undergo audits, but the DoD managed to avoid the process for decades due to widespread concerns about the feasibility of auditing such a massive bureaucracy.  While the DoD failed the audit (to nobody’s surprise), the process identified a number of issues that the department will now be able to remedy, particular in the area of cybersecurity.

Five organizations within the DoD passed the audit with no discrepancies in their books: the U.S. Army Corps of Engineers – Civil Works, the Military Retirement Fund, the Defense Health Agency – Contract Resource Management, the Defense Contract Audit Agency and the Defense Finance and Accounting Services – Working Capital Fund.  Two other organizations had minor issues: Medicare-Eligible Retiree Health Care Fund and the Defense Commissary Agency.

The majority of DoD agencies received disclaimers, meaning there were inventory discrepancies, financial reporting errors, or information technology security issues.  David L. Norquist, the DoD’s chief financial officer, said that most of the discrepancies involved IT security, such as not revoking certificates for personnel that have left the department or utilizing systems that could be hacked.

These IT issues may be some of the more beneficial findings of the audit.  With foreign governments and non-state entities become more adept at hacking, cybersecurity and information assurance has become an increasingly important area of concern for the U.S. military.  Program planners not only have to worry about securing battlefield networks and advanced weapons systems, but also the comparatively less exciting but equally important IT systems used within the department on a day-to-day basis.  Identifying these issues is a critical first step in revamping problematic systems and practices.

On the positive side, the audit did not identify any issues with civilian or military pay, and the major services were able to account for all major military equipment.  Norquist hopes that future audits will create a spirit of competition among the services to be the first to attain a clean audit.

About Shaun McDougall

Shaun McDougall is an analyst at Forecast International covering the U.S. and Canadian defense markets.

View all posts by Shaun McDougall →