Report No. DODIG-2019-106: (U) Audit Of The DoD's .
SECRET//NOFORNReport No. DODIG-2019-106ē Ęĕ ĊĈ ęĔ ė Ċ ē Ċ ė ĆđU.S. Department of DefenseJuly 26, 2019(U) Audit of the DoD’sManagement of the CybersecurityRisks for Government PurchaseCard Purchases of CommercialOff-the-Shelf ItemsClassified By: Carol N. GormanDerived From: DoD Inspector General Action Memorandum,“Cybersecurity Vulnerabilities Identified During the Audit of theDoD’s Implementation of Cybersecurity Controls for UnmannedAerial Vehicle Systems”Declassify On: 50X1-HUMI N T E G R I T Y / E W E E E X C E L L E N C ESECRET//NOFORN
SECRET//NOFORNSECRET//NOFORN
SECRET//NOFORN(U) Results in Brief(U) Audit of the DoD’s Management of the Cybersecurity Risksfor Government Purchase Card Purchases of CommercialOff-the-Shelf ItemsJuly 26, 2019(U) Findings(U) Objective(U//FOUO) We determined that the DoD purchasedand used COTS information technology items withknown cybersecurity risks. Specifically, Army andAir Force GPC holders purchased at least 32.8 millionof COTS information technology items, such as Lenovocomputers, Lexmark printers, and GoPro cameras,with known cybersecurity vulnerabilities in FY 2018.In addition, we identified that the(U) We determined whether the DoD assessed andmitigated cybersecurity risks when purchasingcommercial off-the-shelf (COTS) information technologyitems. Although we primarily focused on Governmentpurchase card (GPC) purchases, we also assessed risksaffecting traditional acquisition processes.(U) Background(U) The DoD purchases and uses a wide variety of COTSinformation technology items, such as laptops, software,security cameras, and networking equipment. Accordingto the Federal Acquisition Regulation, a COTS item is acommercial item sold in substantial quantity in themarketplace and offered to the Government in the sameform in which it is sold to non-Government customers.(U) The DoD purchases COTS information technologyitems through several methods, including the traditionalDoD acquisition process and GPCs. The traditionalacquisition process is used to purchase COTS informationtechnology items used for DoD programs and largeacquisitions, such as weapon systems, aircraft, andcommand and control systems. COTS informationtechnology items are also purchased through the use ofGPCs to make micro-purchases, such as a television or anoffice printer. Micro-purchases are used for purchasingfixed-price commercial supplies that do not require thecardholder to agree to any terms and conditions otherthan price and delivery. The GPC program is intendedto streamline the small purchase and payment process,minimize paperwork, and simplify the administrativeprocess associated with procuring goods that cost lessthan the micro-purchase threshold of 10,000.(U) The DoD purchased and used COTS informationtechnology items with commonly known cybersecurityrisks because the DoD did not establish: (U) responsibility for an organization or group todevelop a strategy to manage the cybersecurityrisks of COTS information technology items;(U) acquisition policies that proactively addressthe cybersecurity risks of COTS informationtechnology items;(U) an approved products list to preventunsecure items from being purchased; and(U) controls to prevent the purchase of high-riskCOTS information technology items with knowncybersecurity risks similar to the controlsimplemented through the use of the nationalsecurity systems-restricted list.(U//FOUO) As a result, adversaries could exploit knowncybersecurity vulnerabilities that exist in COTS itemspurchased by the DoD. If the DoD continues to purchaseand use COTS information technology items withoutidentifying, assessing, and mitigating the knownvulnerabilities associated with COTS informationtechnology items, missions critical to national securitycould be compromised. For example, the Departmentof State issued a warning in May 2017 against usingHangzhou Hikvision Digital Technology Company andSECRET//NOFORNDODIG-2019-106 (Project No. D2018-D000CR-0113.000) i
SECRET//NOFORN(U) Results in Brief(U) Audit of the DoD’s Management of the Cybersecurity Risksfor Government Purchase Card Purchases of CommercialOff-the-Shelf Items(U) Findings (cont’d)(U//FOUO) Dahua Technology Company videosurveillance equipment, citing cyberespionage concernsfrom China. Despite the inherent risks associated withtheir use, DoD Components continued to purchase and usethese COTS items to monitor installation security untilCongress banned the Government from using them inAugust 2018. In addition, despite reports from theNational Security Agency,, DoD Componentspurchased and used the systems to. Using COTSinformation technology items,.(U) Recommendations(U) We recommend that the Secretary of Defense direct anorganization or group to develop a risk-based approach toprioritize COTS items for further evaluation, a process totest high-risk COTS items, and a process to prohibit thepurchase and use of high-risk COTS items, when necessary,until mitigation strategies can limit the risk to anacceptable level.(U) We also recommend that the DoD Chief InformationOfficer update DoD policy to require an assessment ofsupply chain risks as a condition for approval to beincluded on the Unified Capabilities ApprovedProducts List.(U) Furthermore, we recommend that the UnderSecretary of Defense for Acquisition and Sustainmentand the DoD Chief Information Officer identify andimplement administrative solutions, such as expandingthe DoD’s implementation of its authority to prohibitDoD Components from purchasing COTS informationtechnology items that support national security systemsfrom specific manufacturers to reduce supply chain risksand, if those solutions are insufficient to address theissues identified in this report, seek legislative authorityto expand the national security system-restricted list(list of COTS items prohibited from being used in nationalsecurity systems) DoD-wide to include high-risk COTSinformation technology items used for non-nationalsecurity systems.(U) Management Commentsand Our Response(U//FOUO)(U) In addition, we recommend that the Under Secretaryof Defense for Acquisition and Sustainment update ordevelop and implement:x(U) DoD acquisition policy to requireorganizations to review and evaluatecybersecurity risks for high-risk COTS items priorto purchase, regardless of purchase method; andx(U) GPC program policy and trainingrequirements to include training on commoncybersecurity risks for COTS informationtechnology items and the impact of the risksto the mission.(U//FOUO)SECRET//NOFORNDODIG-2019-106 (Project No. D2018-D000CR-0113.000)ሃii
SECRET//NOFORN(U) Results in Brief(U) Audit of the DoD’s Management of the Cybersecurity Risksfor Government Purchase Card Purchases of CommercialOff-the-Shelf Items(U) Management Comments (cont’d)(U//FOUO).1(U//FOUO) However, comments from the Under Secretaryand Chief Information Officer did not address the specificsof the recommendation to develop a risk-based approachto prioritize COTS items for further evaluation, a processto test high-risk COTS items, and a process to prohibitthe purchase and use of high-risk COTS items, whennecessary, until mitigation strategies can limit the risk toan acceptable level. Responsibility for identifying, testing,and mitigating cybersecurity risks is decentralized amongmany organizations with overlapping responsibilities andthe risk identification processes are not effective atidentifying high-risk COTS items that are used DoD-wideand ensuring that all high-risk COTS items are tested.In addition,. Therefore, the recommendations areunresolved and the Acting Secretary of Defense, UnderSecretary of Defense for Acquisition and Sustainment, orDoD Chief Information Officer, should provide additionalcomments identifying specific actions to addressthe recommendation.1(U) The Under Secretary of Defense for Acquisition andSustainment agreed with the recommendations to updateDoD acquisition policy and GPC policy and trainingrequirements, stating that she will update DoD acquisitionpolicy and GPC program policy and training. In addition,the DoD Chief Information Officer agreed with therecommendation to update DoD policy to require anassessment of supply chain risks as a condition forapproval to be included on the Unified CapabilitiesApproved Products List.(U//FOUO) The Under Secretary of Defense for Acquisitionand Sustainment and DoD Chief Information Officer agreedwith the intended outcome of the recommendation toexpand legal authorities to include high-risk COTSinformation technology items used for non-nationalsecurity systems. However, they stated that.(U) Please see the Recommendations Table on the nextpage for the status of the recommendations.(U) Public Law 115-390, “The Strengthening and EnhancingCyber-Capabilities by Utilizing Risk Exposure Technology Act,”December 21, 2018 and Executive Order 13873, “Securing theInformation and Communications Technology and Services SupplyChain,” May 15, 2019.SECRET//NOFORNDODIG-2019-106 (Project No. D2018-D000CR-0113.000) iii
SECRET//NOFORN(U) Recommendations etary of Defense1.a, 1.b, 1.cNoneNoneUnder Secretary of Defense forAcquisitions and SustainmentNone2.a, 2.b4DoD Chief Information OfficerNone34Unclassified(U) Please provide Management Comments by August 26, 2019.(U) The following categories are used to describe agency management’s comments to individualrecommendations:x(U) Unresolved – Management has not agreed to implement the recommendation or hasnot proposed actions that will address the recommendation.x(U) Resolved – Management agreed to implement the recommendation or has proposedactions that will address the underlying finding that generated the recommendation.x(U) Closed – OIG verified that the agreed upon corrective actions were implemented.SECRET//NOFORNDODIG-2019-106 (Project No. D2018-D000CR-0113.000)ሃiv
SECRET//NOFORNSECRET//NOFORNDODIG-2019-106 (Project No. D2018-D000CR-0113.000)ሃv
SECRET//NOFORNINSPECTOR GENERALDEPARTMENT OF DEFENSE4800 MARK CENTER DRIVEALEXANDRIA, VIRGINIA 22350-1500MEMORANDUM FOR SECRETARY OF DEFENSEUNDER SECRETARY OF DEFENSE FOR ACQUISITION ANDSUSTAINMENTDOD CHIEF INFORMATION OFFICERJuly 26, 2019SUBJECT: Audit of the DoD’s Management of the Cybersecurity Risks forGovernment Purchase Card Purchases of Commercial Off-the-ShelfItems (Report No. DODIG-2019-106)(U) This final report provides the results of the DoD Office of Inspector General’s audit.We previously provided copies of the draft report and requested written comments on therecommendations. We considered management’s comments on the draft report whenpreparing the final report. These comments are included in the report.(U) This report contains three recommendations that are considered unresolved becausemanagement officials did not fully address the recommendations. Therefore, as discussedin the Recommendations, Management Comments, and Our Response sections of this report,the recommendations will remain open. We will track these recommendations until anagreement is reached on the actions to be taken to address the recommendations. Once anagreement is reached, the recommendations will be considered resolved but will remainopen until adequate documentation has been submitted showing that the agreed-upon actionhas been completed. Once we verify that the action is complete, the recommendations willbe closed.(U) This report also contains three recommendations that are considered resolved.Therefore, as discussed in the Recommendations, Management Comments, and OurResponse section of this report, the recommendations may be closed when we receiveadequate documentation showing that all agreed-upon actions have been completed.Once we verify that the action is complete, the recommendations will be closed.(U) DoD Instruction 7650.03 requires that all recommendations be resolved promptly.For the unresolved recommendations, please provide us within 30 days your responseconcerning specific actions in process or alternative corrective actions proposed on therecommendations. For the resolved recommendations, please provide us within 90 daysyour response concerning specific actions in process or completed on the recommendations.SECRET//NOFORNDODIG-2019-106 vi
SECRET//NOFORN(U) Your response should be sent as a PDF file toandResponses must have the actual signature of the authorizingofficial for your organization.(U) We appreciate the cooperation and assistance received during the audit.Please direct questions to me at (703) 699-7331 (DSN 499-7331).Carol GormanAssistant Inspector General for AuditCyberspace OperationsSECRET//NOFORNDODIG-2019-106 vii
(U) ContentsSECRET//NOFORN(U) Introduction. 1(U) Objective . 1(U) Background . 1(U) Review of Internal Controls. 4(U) Finding . 5(U) Improved Cybersecurity Risk Management Needed for Purchases ofCOTS Information Technology Items . 5(U) The DoD Purchased and Used COTS Information Technology ItemsWith Known Cybersecurity Risks . 6(U) The DoD Did Not Develop Controls to Prevent the Purchase ofCOTS Information Technology Items With Cybersecurity Risks . 9(U) Using COTS Items With Cybersecurity Risks Weakens National Security . 17(U) Recommendations, Management Comments, and Our Response. 19(U) Appendix A . 25(U) Scope and Methodology . 25(U) Use of Computer-Processed Data . 27(U) Prior Coverage . 28(U) Appendix B . 29(U//FOUO). 29(U//FOUO). 35(U) Appendix C . 35(U) Appendix D . 40(U) Banned or Restricted COTS Items and Manufacturers. 40(U) Management Comments . 42(U) Acting Secretary of Defense. 42(U) Under Secretary of Defense for Acquisitions and Sustainment and DoD Chief Information Officer . 43(U) Acronyms and Abbreviations . 47(U) Glossary . 48(U) Annex: Classified Sources . 50SECRET//NOFORNDODIG-2019-106 viii
SECRET//NOFORN(U) IntroductionIntroduction(U) Objective(U) We determined whether the DoD assessed and mitigated cybersecurity riskswhen purchasing commercial off-the-shelf (COTS) information technology items.(U) Background(U) The DoD purchases and uses a wide variety of COTS information technology items,such as laptops, software, cameras, and networking equipment. According to theFederal Acquisition Regulation, a COTS item is a commercial item sold in substantialquantity in the marketplace and offered to the Government in the same form in which itis sold to non-Government customers. 2 Some COTS information technology items canbe used as embedded components in command and control; communications; andintelligence, surveillance, and reconnaissance systems. In July 2018, the DeputyDirector, Cybersecurity Risk Management, DoD Chief Information Officer (CIO),estimated that 70 to 80 percent of the components that comprise DoD systems areCOTS items.(U) The DoD purchases COTS information technology items through several methods,including traditional DoD acquisition process and GPCs. The traditional acquisitionprocess is used for COTS information technology items purchased and used in DoDprograms and large acquisitions, such as weapon systems, aircraft, and command andcontrol systems. COTs information technology items are also purchased with a GPC tomake micro-purchases, such as a television or an office printer. 3 The GPC Program isintended to streamline the process to make and pay for small purchases, minimizepaperwork, and generally simplify the administrative process associated with procuringgoods under the micro-purchase threshold. Although we primarily focused on GPCpurchases, we also assessed risks affecting traditional acquisition processes.2(U) Federal Acquisition Regulation Part 2 “Definitions of Words and Terms,” Subpart 2.1 “Definitions.”3(U) Micro-purchases are purchases made for fixed-price commercial supplies and services that do not require thecardholder to agree to any terms and conditions other than price and delivery. These purchases are limited to theapplicable micro-purchase threshold. The FY 1998 National Defense Authorization Act mandated the use of thestreamlined micro-purchase procedures for at least 90 percent of micro-purchases. This commonly entails theuse of GPCs.SECRET//NOFORNDODIG-2019-106 1
SECRET//NOFORNIntroduction(U) DoD Instruction 5000.02 requires DoD Components to implement controls tomanage cybersecurity risks throughout an acquisition program’s life cycle. 4 DoDComponents must also comply with DoD Instruction 8500.01, which requires DoDComponents to implement a cybersecurity program to manage risk for informationtechnology systems or components based on the importance of supported missions andthe affected information or assets. 5 The Instruction also states that DoD agencies mustmanage, mitigate, and monitor risks associated with global sourcing and distribution.(U) The DoD’s Increased Reliance on COTS InformationTechnology Items(U) Since the 1990s, Federal and DoD policy has streamlined the acquisition process tomake it easier to purchase COTS items, including COTS information technology items.The Federal Acquisition Streamlining Act of 1994 established a preference for procuringCOTS items over those specifically developed for Government use. 6 More recently,a June 2018 memorandum exempted DoD personnel from complying with certainacquisition regulations when purchasing innovative COTS items, technologies, orservices. 7 Furthermore, between July 2017 and August 2018, the DoD and Congressincreased the maximum threshold for a single GPC micro-purchase from 3,500 tobetween 5,000 and 10,000. 8 As it has become easier to purchase COTS items, DoDsystems have become increasingly reliant on COTS information technology items dueto their high utility, low cost, and ease of deployment.(U) The DoD also continues to increase its use of Internet-connected COTS items.Devices that have the ability to connect to the Internet with a unique Internet Protocoladdress and can transfer data over a network without requiring human-to-human orhuman-to-computer interaction are commonly referred to as internet of things (IoT)devices. The DoD uses IoT devices to support missions and operations; for example, thefully networked F-35 Joint Strike Fighter uses IoT-connected devices to collect data toimprove the pilot’s situational awareness. In addition, the DoD uses thousands ofnetwork-connected sensors in its facilities to improve energy efficiency.4(U) DoD Instruction 5000.02, “Operation of the Defense Acquisition System,” August 10, 2017, (Incorporating Change 3).5(U) DoD Instruction 8500.01, “Cybersecurity,” March 14, 2014. DoD information technology includes any informationtechnology that receives, processes, stores, displays, or transmits DoD information.6(U) Public Law 103-355, “Federal Acquisition Streamlining Act of 1994,” October 13, 1994.7(U) Under Secretary of Defense for Acquisition and Sustainment Memorandum, “Class Deviation-Defense CommercialSolutions Opening Pilot Program,” June 26, 2018, exempts DoD personnel from submitting a summary of a proposedcontract and promoting competition.8(U) Under Secretary of Defense for Acquisition and Sustainment Memorandum, “Class Deviation-Micro-PurchaseThreshold, Simplified Acquisition Threshold, and Special Emergency Authority,” April 13, 2018, and Public Law 115-232,“National Defense Authorization Act for FY 2019,” Title VII, Subtitle B, Section 821, August 13, 2018.SECRET//NOFORNDODIG-2019-106 2
SECRET//NOFORNIntroduction(U) COTS Information Technology Items AreIncreasingly Vulnerable(U) Federal agencies have reported cybersecurity risks associated with using COTSinformation technology items, such as: (U) third-party service providers and manufacturers with physical or logicalaccess to sensitive Government information systems, software code, orintellectual property;(U) poor personnel information security practices, such as using applications onmobile devices that provide the location of troops or ongoing DoD operations;(U) counterfeit software or hardware with embedded malware, such as virusesor malicious code, that could allow adversaries remote access to DoD systemsand networks; and(U) a contractor’s inability to protect data and mitigate vulnerabilities onsystems and networks that store and transmit sensitive information.(U) Components of COTS information technology items, such as hardware, firmware,and software, can come from globally distributed supply chains that are complex andlimit the purchaser’s understanding and control over how the components of COTSinformation technology items are developed, integrated, and deployed. The supplychain is the activities associated with providing materiel from a raw stage to an enduser as a finished product. According to the Committee on National Security Systems,adversaries and malicious actors use the supply chain to introduce cybersecurityvulnerabilities into DoD weapon systems and information technology networks thatuse COTS information technology products. 9 For example, Figure 1 illustrates anexample of potential countries that commonly provide various components in buildingcommercially available laptops.9(U) Committee on National Security Systems Directive 505, “Supply Chain Risk Management,” July 26, 2017.SECRET//NOFORNDODIG-2019-106 3
SECRET//NOFORNIntroduction(U) Figure 1. Potential Origins of Common Suppliers of Laptop Components(U) Review of Internal Controls(U) DoD Instruction 5010.40 requires DoD organizations to implement acomprehensive system of internal controls that provides reasonable assurance thatprograms are operating as intended and to evaluate the effectiveness of the controls. 10We identified internal control weaknesses with how the DoD identifies, assesses, andmanages the cybersecurity risks associated with COTS items, and how the DoD ensuresthat its personnel are aware of known cybersecurity or supply chain risks whenpurchasing and using COTS items. We will provide a copy of the report to the seniorofficial responsible for internal controls in the Offices of the Secretary of Defense,Under Secretary of Defense for Acquisition and Sustainment (USD[A&S]), and DoD CIO.10(U) DoD Instruction 5010.40, “Managers’ Internal Control Program Procedures,” May 30, 2013.SECRET//NOFORNDODIG-2019-106 4
SECRET//NOFORN(U) FindingFinding(U) Improved Cybersecurity Risk Management Neededfor Purchases of COTS Information Technology Items(U//FOUO) The DoD purchased and used COTS information technology items withknown cybersecurity risks. Specifically, Army and Air Force GPC holders purchased atleast 32.8 million of COTS information technology items, such as Lenovo computers,Lexmark printers, and GoPro cameras, with known cybersecurity vulnerabilities inFY 2018. 11 In addition, we identified. The DoD purchased and usedCOTS information technology items with commonly known cybersecurity risks becausethe DoD did not establish: (U) responsibility for an organization or group to develop a strategy to managethe cybersecurity risks of COTS information technology items;(U) acquisition policies that proactively address the cybersecurity risks of COTSinformation technology items;(U) an approved products list (APL) to prevent unsecure items from beingpurchased; and(U) controls to prevent the purchase of high-risk COTS information technologyitems with known cybersecurity risks similar to the controls implementedthrough the use of the national security systems-restricted list.(U//FOUO) As a result, the DoD increased its risk that adversaries could exploit knowncybersecurity risks. If the DoD continues to purchase and use COTS items withoutidentifying, assessing, and mitigating known vulnerabilities associated with COTSitems, missions critical to national security could be compromised. For example, theDepartment of State issued a warning in May 2017 against using Hangzhou HikvisionDigital Technology Company and Dahua Technology Company video surveillanceequipment, citing cyberespionage concerns from China. Despite the inherent risksassociated with their use, DoD Components continued to purchase and use these COTSitems tountil Congress11(U) The Navy did not track COTS item purchases using an enterprise-wide database, instead, the Navy managed theprocess manually. Therefore, we did not include Navy COTS item purchases in our audit scope.SECRET//NOFORNDODIG-2019-106 5
SECRET//NOFORNFinding(U//FOUO) banned the Federal Government from using them in August 2018. Inaddition, despite reports from, DoD Components purchased and used the systems. Using COTSinformation technology items,.(U) The DoD Purchased and Used COTS InformationTechnology Items With Known Cybersecurity Risks(U//FOUO) The DoD purchased and used COTS information technology itemswith known cybersecurity risks. In addition,and issued a notice of concern to the Secretaryof Defense.(U) FY 2018 Purchases of COTS Information Technology ItemsWith Cybersecurity Risks(U) We reviewed purchases of COTS information technology items for the Army andAir Force and determined that GPC holders purchased at least 32.8 million of COTSinformation technology items with known cybersecurity risks in FY 2018. 12 Knowncybersecurity risks are included in the National Vulnerabilities Database, or derivedfrom congressional reports, DoD reports, and open source test reports. For example,Army and Air Force GPC holders purchased over 8,000 Lexmark printers, totalingmore than 30 million, for use on Army and Air Force networks. According to aCongressional report on supply chain vulnerabilities from China, Lexmark is a companywith connections to Chinese military, nuclear, and cyberespionage programs. 13 TheNational Vulnerabilities Database lists 20 cybersecurity vulnerabilities for Lexmark,including storing and transmitting sensitive network access credentials in plain text and12(U) We obtained GPC purchase data from Army’s Computer Hardware, Enterprise Software, and Solutions contracts andthe Air Force’s Network-Centric Solutions-2 Products and Information Technology Commodity Council contracts to identifyCOTS information technology items purchased by Army and Air Force GPC holders. We could not determine the totalvalue of Army GPC purchases because of the ability to bypass the system to make purchases, or Air Force GPC purchasesbecause of the decentralized tracking of COTS purchases and inadequate system reporting.13(U) U.S.-China Economic and Security Review Commission Report, “Supply Chain Vulnerabilities From China in U.S. FederalInformation and Communications Technology,” April 2018.SECRET//NOFORNDODIG-2019-106 6
SECRET//NOFORNFinding(U) allowing the execution of malicious code on the printer. 14 These vulnerabilitiescould allow remote attackers to use a connected Lexmark printer to conductcyberespionage or launch a denial of service attack on a DoD network. In anotherexample, the Army and Air Force purchased 117 GoPro action cameras at a cost ofjust under 98,000. GoPro cameras are designed to film and share video in real-timethrough a wireless network or Bluetooth connection. However, the cameras havevulnerabilities that could allow a remote attacker access to the stored networkcredentials and live video streams. By exploiting these vulnerabilities, a maliciousactor could view the video stream, start recording, or take pictures without theuser’s knowledge.(U) Although the Navy purchased COTS information technology items using GPCs, it didnot track the purchases using an enterprise-wide database. Without tasking specificNa
Jul 30, 2019 · Items (Report No. DODIG -2019-106) (U) This final report provides the results of the DoD Office of Inspector General’s audit. We previously provided copies of the draft report and requested written comments on the recommendations. We considered management’s comments on the draft report
106.2 Creation of Polynomial Rings and their Ideals 3226 106.3 First Operations on Ideals 3226 106.3.1 Simple Ideal Constructions 3226 106.3.2 Basic Commutative Algebra Operations 3226 106.3.3 Ideal Predicates 3229 106.3.4 Element Operations with Ideals 3231 106.4 Computation of Varieties 3233 106.5 Multiplicities 3235 106.6 Elimination 3236
VERTICAL TURBINE PUMPS 200 x 106 200 x 106 TO 300 x 106 300 x 106 INDUCERS 320 x 106 320 x 106 TO 480 x 106 480 x 106 Fig. 3: Suction Energy Level designation according to Pump Type For cavitation free operation, we must operate at a required NPSH R value that is greater than the available system NPSH A
Feb 26, 2018 · DODIG-2018-079 (Project No. D2016-D000XD-0201.000) i Results in Brief Followup Audit: Transfer of Service Treatment Records to the Department of Veterans Affairs Objective We determined whether the DoD had implemented recommendations in DoD OIG Report No. DODIG-2014-097
DODIG-2016-004 (D2015-D000RE-0101.000) i. Results in Brief. Army Needs to Improve Contract Oversight for the Logistics Civil Augmentation Program's Task Orders. Visit us at www.dodig.mil. Objective. Our objective was to determine whether . the Army was providing sufficient contract oversight for Logistics Civil Augmentation
Compilation and Certification Requirements for FY 2013. DODIG-2015-106 (Project No. D2015-D000CG-0006.000) i. Visit us at www. dodig.mil. Objective. . Results 4d: Certification Letters Provided Limited Information on Fundingeductions R _15; Procedure 5: Follow Up on Previous Recommendation _17 .
SUBJECT: Audit of Physical Security Controls at Department of Defense Medical Treatment Facilities (Report No. DODIG-2020-078) This final report provides the results of the DoD Office of Inspector General’s audit. We previously provided copies of the draft report and requested written comments on the recommendations.
AND MATERIEL READINESS DIRECTOR, DEFENSE LOGISTICS AGENCY SUBJECT: Management of Items in the Defense Logistics Agency’s Long-Term Storage Needs Improvement (Report No. DODIG-2016-036) We are providing this report for your information and use. The Defense Logistics Agency
Online Banking locked out with button to reset details Online Banking locked out with secure keys. Let’s help you access your account 1 Choose the ‘Reset security details’ button on the bottom right 2 You’ll be asked a set of security questions to make sure it’s you 3 A security code will be sent to your Secure Key 4 Type in your security code on screen when asked 5 Create new log on .
