The Department of Defense (DoD) Office of Inspector General (OIG) is canceling its audit of corrective actions taken by DoD in response to cybersecurity vulnerabilities identified during operational testing and evaluation of acquisition programs, citing the COVID-19 pandemic.
The audit – announced Jan. 8, 2020 – was to “determine whether DoD Components took action to accept, mitigate, or remediate cybersecurity vulnerabilities identified during cybersecurity test and evaluations of DoD acquisition programs.”
“We are terminating this classified audit because the coronavirus disease–2019 pandemic impacted the operational environment and the team’s ability to effectively complete the audit,” Assistant IG for Audit Cyberspace Operations Carol Gorman said. “We appreciate the courtesies extended to the staff during the audit.”
The OIG gave no indication whether it plans to resume the audit at a later date.
Before its termination, the audit was to be performed at the Military Department Cyber Commands; Director, Operational Test and Evaluation; Operational Test Agencies, combatant commands, and DoD acquisition programs—while leaving room to identify additional locations as the audit proceeded.