From: NASA Office of Inspector General
Posted: Wednesday, September 28, 2016
WHY WE PERFORMED THIS AUDIT
In December 2009, the President signed Executive Order 13526, "Classified National Security Information" (Order), to reform the security classification and declassification processes for classified information (information that has been determined to require protection against unauthorized disclosure). Follow-on legislation directed Federal Inspectors General to perform two evaluations of their agency's compliance with the Order. We completed our first evaluation of NASA's Classified National Security Information (CNSI) program in September 2013, finding that while NASA's procedures for managing classified information complied with Federal requirements and implementing guidance, Agency personnel did not consistently adhere to the requirements. Specifically, classified documents were improperly marked, training requirements for classifiers were not met, and self-inspections were not fully implemented. We made three recommendations at the time, all of which NASA agreed to implement.
In this follow-up review, we assessed NASA's implementation of our 2013 recommendations and reviewed the Agency's compliance with Federal regulations and CNSI policies. As part of our work, we conducted field work at NASA Headquarters and the Johnson Space Center, and reviewed CNSI documents, Agency policies and procedures, and external reviews of NASA's CNSI Program.
WHAT WE FOUND
Although NASA has taken steps to implement our prior recommendations, we continued to identify inconsistencies in the Agency's application of CNSI policies and procedures that led to improper marking of classified documents. This occurred because of insufficient identification and training of classifiers. Further, implementation of the Agency's self-inspection program was not fully effective because NASA Centers did not consistently review documents to verify the accuracy of classified markings. Improved identification and training of classification officials and effective self-inspections would help ensure classified information at NASA is managed in accordance with Federal requirements.
WHAT WE RECOMMENDED
We made four recommendations to NASA's Assistant Administrator for Protective Services, including that he maintain an Agency-wide roster of classifiers and establish a mechanism to track the training required and received by these individuals. In response to our draft report, the Agency concurred with our recommendations and proposed corrective actions. We find the actions responsive and will close the recommendations upon verification of the corrective actions.
// end //