The Defense Department’s first-ever audit has revealed that the U.S. military is worth $2.7 trillion and the security for its information technology still sucks.
Overall, the army of auditors that scoured the military’s books discovered between 1,500 and 2,000 “notice of findings,” or things that need be fixed, said David Norquist, the Defense Department’s comptroller.
“Our single largest number of findings is IT security around our business systems,” Norquist told reporters on Wednesday. “The types of issues there are segregation of duties, terminating user access when they depart, and monitoring the use of people who have special authorities, making sure there is careful of monitoring of that.”
In 2018, the Defense Department has spent $153 million to improve its financial systems, and that includes fixing vulnerabilities in IT security, he said. By taking care of those problems, the Pentagon will end up saving money.
“If people are able to get into your inventory or property systems and make code changes that you can’t see, the risk to you is exponential,” Norquist said. “The ability to turn those off and shut those down is a cost avoidance.”
So far, the Defense Department has spent $406 million in fixing all of the problems identified by the audit, which cost a total of $413 million in fiscal 2018, according to the Pentagon.
Auditors will keep checking each year with commanders on the issues that need be improved until all of the findings have been remedied, Norquist said.
“I think what you’ll see from the secretary is a clear message to the work force: Now that you’re aware of it, your job is to fix it,” Norquist said. “And that’s what we have in people’s performance evaluations across our senior leadership: Their responsibility to close these findings.”
SEE ALSO: The Pentagon Failed Its First-Ever Audit