Skip to main content
U.S. flag

An official website of the United States government

Audit Reports

Date

DOT Does Not Fully Comply With Requirements of the Reducing Over-Classification Act

Requested By
Required by the Reducing Over-Classification Act
Project ID
FI2013136
File Attachment

On September 19, 2013, we issued our report entitled DOT Not Fully Complying with Requirements of the Reducing Over-Classification Act.  Our objectives were to (1) determine whether DOT has implemented effective policies and procedures for classification of information that comply with Federal policy and regulations, and (2) identify any practices that may lead to continuous misclassification of information. We found that not all DOT classification related policies and procedures are effective or comply with Federal requirements, including the National Archives and Records Administration’s Information Security Oversight Office’s (ISOO) regulation. Specifically, the Office of the Secretary of Transportation (OST) did not conduct comprehensive self-inspections of spaces dedicated to storage of classified documents; the Department’s classified documents were not all correctly marked;  OST’s reports to ISOO are not accurate; and FAA’s Order on Safeguarding Classified National Security Information needs to be updated to comply with ISOO requirements. We could not conclude whether there are practices that led to continuous misclassification because the necessary security clearances are pending. We worked with the Department to request the necessary clearance and access. The Department has processed our request and forwarded it to the responsible agency. We are awaiting the response from this agency. Within two months of receiving this response, if favorable, we will complete our review of supporting documentation to determine if there are practices that contribute to continuous misclassification.  We made four recommendations to DOT and one recommendation to FAA. DOT and FAA officials concurred with all recommendations.

Recommendations

Closed on
No. 1 to OST
Take steps to develop a more comprehensive self-inspection program that will include greater coverage of derivative documents and inspections of spaces dedicated to storage of classified documents (e.g. the Crisis Management Center).
Closed on
No. 2 to OST
Seek additional resources to complete comprehensive self-inspections, and to prepare accurate reports to the National Archives and Records Administration's Information Security Oversight Office.
Closed on
No. 3 to OST
Take steps to implement policies and procedures that identify what documents need to be marked and how, and validate that these policies and procedures are consistently applied throughout the Department.
Closed on
No. 4 to OST
Establish a procedure and communicate to the OAs clear definitions and requirements for ensuring that annual reporting to the National Archives and Records Administration's Information Security Oversight Office (ISOO) is accurate and complete.
Closed on
No. 5 to FAA
Update FAA's policy to conform to the requirements of EO 13526.