The Department of Defense (“DoD”) Office of the Inspector General (“IG”) recently issued a report critical of the DoD’s management of its information technology (“IT”). According to the report, “DoD has not fully implemented policies and procedures to establish an effective, enterprise-wide governance structure for managing its information technology.”
The problems appear to be three-fold and are organized in the report under the headings “Governance for Business Systems,” “IT Portfolio Management,” and “Information Security.” Most problematic, perhaps, is the DoD’s failure to fully clarify which policies apply to DoD employees and programs. For example, the report states that “DoD had not issued clear guidance on populating and maintaining the asset inventory for the [Global Information Grid].” With regard to IT Investment Reporting, the report stated that “the Component CIOs and Chief Financial Officers did not include all of the required information in the submission reports. A particularly glaring omission was information pertaining to security and privacy.”
While the report stated that “DoD is making progress,” the conclusions were clear: DoD lacks the oversight of its IT systems necessary to ensure that it complies with the National Defense Authorization Act for Fiscal Year 2005, the Clinger-Cohen Act, and a variety of other legislation.
This update is published by Venable LLP. Venable publications are not intended to provide legal advice or opinion. Such advice may only be given when related to specific fact situations. © Copyright by Venable LLP 2005.