Highlights from UnClassified version OIG NSA Semi-Annual Report to Congress, 1 April 2018-30 September 2018
published today
https://www.oversight.gov/sites/default/files/oig-sa-reports/NSA%20OIG%20UNCLASS%20SAR%20APR-SEP%202018.pdf
There is a classified vs of this report
"NOTE: A classified version of the Semi-Annual Report (SAR) to Congress formed the basis of this unclassified version. The National Security Agency (NSA) Office of the Inspector General (OIG) has endeavored to make this unclassified version of the SAR as complete and transparent as possible. However, where appropriate, the NSA OIG has rephrased or redacted information to avoid disclosure of classified information and as required to protect NSA sources and methods. In that regard, the classified version of this report contained descriptions of additional completed and ongoing work that could not be included in the public version of this report."
Audit of Nuclear Command and Control Systems
The OIG conducted this audit of Agency Nuclear Command and Control (NC2) systems security controls to determine whether system security controls were implemented to sufficiently protect the program data and to assess NSA compliance with NSA/CSS Policy 6-3, Information System Security Authorization Using the Risk Management Framework, 13 June 2016, revised 24 May 2017, and Intelligence Community Directive (ICD) 503, Practitioner Manual, 29 January 2013.
Due to the classification of the OIG’s findings and recommendations, they cannot be further described in the unclassified version of this report.
Ongoing Audits
Audit of Nuclear Command and Control Program II
The overall objective of the audit is to assess mission critical aspects, of the NC2 program, including systems security controls, governance, mission assurance, personnel, and facilities. The OIG is issuing two reports to address this topic, one focused on systems, which was issued during this reporting period (see above), and the other on the remaining issues.
Ongoing Audits
Audit of Award Fee Contracts
"The overall objective of the audit is to evaluate whether governance of the award fee process complies with applicable laws and policies and is conducted economically and efficiently. The OIG is examining 54 such contracts in effect during Fiscal Years 2016 and 2017, with a total reported value of several billion over the life of the contracts."
interdasting….reported value of several billion
Ongoing Audits
Audit of NSA’s Internal Controls Over Second Party Integrees
The overall objective of this audit is to determine whether the internal controls over the integration of Second Party (certain foreign countries) personnel into the NSA workforce are operating effectively and efficiently.