Department of Defense: Procurement and Management in the Spotlight
July 30, 2019
There’s more chatter about Oracle’s attempt to remain relevant at the Pentagon. Almost overlooked is the report by the Department of Defense’s Inspector General. The IG had the delightful task of auditing contractor networks. The idea was that maybe some processes could be improved.
ExecutiveGov noted:
DoD OIG found that the agency’s contracting offices have not developed approaches that will help validate contractual requirements, send contractor notifications, mark CUI documents and confirm implementation of CUI security controls. In addition, the report confirmed that the Defense Threat Reduction Agency did not take prompt action to mitigate the leak of information from a DoD contracting office.
FedScoop pointed out:
The report also cites some communication failures. A failure to properly mark controlled but unclassified information, for example, blinded contractors to what steps they needed to take to ensure information security. DOD contracting offices “inconsistently tracked” which contractors had what type of information, leaving both sides of the contracting process in the dark, the report states.
Interesting reading because the report may be helpful to different DoD centric entities. There are some redactions, but the main points are clear. DarkCyber found the comments about “no oversight” interesting. Without oversight, is cost control possible? Can scope creep be limited?
Stephen E Arnold, July 30, 2019