Accession Number:

ADA499384

Title:

DoD Implementation of Homeland Security Presidential Directive-12

Descriptive Note:

Corporate Author:

INSPECTOR GENERAL DEPT OF DEFENSE ARLINGTON VA

Report Date:

2008-06-23

Pagination or Media Count:

91.0

Abstract:

We performed the audit in response to a request from the Office of Management and Budget that the Presidents Council on Integrity and Efficiency review agency processes and help ensure they are consistent with HSPD-12 and FIPS 201-1. We evaluated DoD business processes to determine whether they comply with directives and standards to develop secure and reliable Personal Identity Verification PIV credentials. DoD is not complying with HSPD-12 requirements, has not issued comprehensive HSPD-12 implementation guidance to DoD Components, and has not met HSPD-12 implementation milestones. DoD policy on physical access controls needs to be updated to comply with HSPD-12 policy objectives. Specific examples follow. DoD did not meet Government-wide milestones for completing background checks. Personnel at stations that issue the Common Access Card cannot electronically verify whether card applicants have initiated or completed a National Agency Check with Written Inquiries. DoD displays the full Social Security number on the Geneva Conventions credential, increasing the risk of identity theft. Components are purchasing equipment that is not compliant with HSPD-12. DoD is using barcode technology on the Defense Biometric Identification System credential that is not equivalent to mandatory HSPD-12 security features. DoDs current PIV credential does not meet interoperability requirements and needs to be updated.

Subject Categories:

  • Civil Defense

Distribution Statement:

APPROVED FOR PUBLIC RELEASE