Skip to main content

Defense Acquisitions: Departmentwide Direction Is Needed for Implementation of the Anti-tamper Policy

GAO-08-91 Published: Jan 11, 2008. Publicly Released: Jan 11, 2008.
Jump To:
Skip to Highlights

Highlights

The Department of Defense (DOD) invests billions of dollars on sophisticated weapon systems and technologies. These may be at risk of exploitation when exported, stolen, or lost during combat or routine missions. In an effort to minimize this risk, DOD developed an anti-tamper policy in 1999, calling for DOD components to implement anti-tamper techniques for critical technologies. In March 2004, GAO reported that program managers had difficulties implementing this policy, including identifying critical technologies. This follow-up report (1) describes recent actions DOD has taken to implement its anti-tamper policy and (2) identifies challenges facing program managers. GAO reviewed documentation on actions DOD has taken since 2004 to implement its anti-tamper policy, and interviewed officials from the Anti-Tamper Executive Agent's Office, the military services, other DOD components, and a cross-section of program offices.

Recommendations

Recommendations for Executive Action

Agency Affected Recommendation Status
Department of Defense As DOD examines its policies for protecting critical assets, the Secretary of Defense should direct the Under Secretary of Acquisition, Technology, and Logistics, in coordination with the Anti-Tamper Executive Agent and the Under Secretary of Defense for Intelligence, to issue or be involved in developing and providing departmentwide direction for application of its anti-tamper policy that prescribes how to carry out the policy and establishes definitions for critical program information and critical technologies.
Closed – Implemented
DOD has efforts underway to implement this recommendation. Specifically, DOD is developing a manual, DOD 5200.39-M, "Procedures for Critical Program Information within the DOD" that is intended to guide implementation of policies and procedures for identifying and protecting critical program information which includes critical technologies. The manual is to include guidance for carrying out DOD's anti-tamper policy, among other things. DOD estimates the manual will be completed by October 2013.
Department of Defense To help ensure the effectiveness of anti-tamper implementation, the Secretary of Defense should direct the Anti-Tamper Executive Agent to identify and provide additional tools to assist program managers in the anti-tamper decision process.
Closed – Implemented
DOD has provided additional tools to assist program managers in the anti-tamper decision process. DOD issued Anti-Tamper Guidelines for program managers and developed a two-day anti-tamper short course. The short course provides information for specifying, designing, and evaluating anti-tamper technology as well as information on anti-tamper design milestones and their relationship to the acquisition cycle.

Full Report

Office of Public Affairs

Topics

Defense capabilitiesInternal controlsPhysical securityPolicy evaluationProgram evaluationProgram managementRisk assessmentRisk managementSecurity threatsSystem security plansWeaponsWeapons systemsPolicies and proceduresProgram implementation