Audit of USAID's Implementation of Selected Recommendations on Improving the Handling and Maintenance of Classified Information and Hardware (Summary)
Sign inINSPECTOR GENERAL’S OFFICE
The Office of the Director of National Intelligence (ODNI) and the National Archives and Records Administration (NARA) conducted an assessment of USAID's procedures for safeguarding classified information in response to the WikiLeaks release of classified information in 2010.
2014 · 3 pages

Abstract
The assessment included 55 recommendations for improving USAID's safeguarding of classified information. USAID's Office of Inspector General (OIG) also conducted a separate assessment, which included five recommendations. Two USAID offices, the Office of Security and the Office of the Chief Information Officer (OCIO), were primarily responsible for implementing the 60 ODNI/NARA and OIG recommendations. As of February 7, 2013, USAID officials reported that they had implemented and closed 37 of the 60 recommendations, including 36 from the ODNI/NARA report and 1 from the OIG report. However, the audit found that USAID had not implemented or could not support the closure of 9 of 19 selected recommendations. The audit disclosed that USAID could not support or had not completed closure of eight recommendations from the ODNI/NARA external assessment. Some recommendations should not have been closed because they lacked supporting documentation, while others hinged on policies and procedures that were still in draft. Additionally, USAID could not demonstrate having fully implemented one recommendation from the Office of Inspector General. The audit found that USAID's standards for determining final action did not include verifying documentation submitted by the auditee, and that documentation did not contain sufficient detail. To address these findings, the audit recommends that USAID's Chief Financial Officer track and monitor the status of the ODNI/NARA recommendations and verify that the Agency takes and documents corrective action on them. The audit also recommends that USAID revise the Audit Performance and Compliance Division's standards for determining final action to include verifying corrective action. USAID made management decisions on both recommendations and took final action on one.
Connected topics
Classification
USAID DEC