We conducted this follow-up review in response to Public Law (PL) 111‑258, “Reducing Over-Classification Act,” which requires that the Inspector General (IG) of each department or agency of the U.S. with an officer or employee who is authorized to make original classifications, in consultation with the Information
Security Oversight Office (ISOO) shall carry out evaluations of that department or agency or a component of the department or agency:
• to assess whether applicable classification policies, procedures, rules, and regulations have been adopted, followed, and effectively administered within such department, agency, or component; and
• to identify policies, procedures, rules, regulations, or management practices that may be contributing to persistent misclassification of material within such department, agency, or component.
We determined that the Under Secretary of Defense for Intelligence (USD(I)) fully implemented two and partially implemented 11 of the 13 recommendations we previously made. Of the 11 that were partially implemented, four were in the process of being implemented in conjunction with the Under Secretary of Defense for Acquisition, Technology, and Logistics (USD(AT&L)).