Document SecurityJustice Can Improve Its Controls Over Classified and Sensitive Documents Gao ID: GGD-93-134 September 7, 1993
The increasing strength and boldness of drug-trafficking cartels, organized crime families, and terrorists make it essential that the Justice Department adequately safeguard its classified and sensitive information. Security breaches could have deadly consequences if the identities of law enforcement officers, witnesses, and others were leaked. Although Justice has a framework of regulations governing the handling of this material, which includes everything from grand jury investigations to tax cases to national security matters, GAO found instances in which Justice's document security could be beefed up. First, Justice's Security Compliance Group should consider increasing the number of security reviews that it does each year at Justice locations across the country. Second, although the Federal Bureau of Investigation (FBI) has identified many security violations within its headquarters building--nightly security patrols discovered about 4,400 security violations between 1990 and 1992--disciplinary actions taken against violators did not fully comply with FBI guidelines. Third, to ensure that all classified documents are delivered properly via the interoffice courier mail systems, established controls for sending classified documents should be followed more closely.
GAO found that: (1) Justice has established and distributed guidance on handling and safeguarding classified and sensitive documents; (2) Justice routinely reviews compliance with its policies and procedures for classified and sensitive documents and identifies security deficiencies; (3) SCRG reviews of 54 Justice locations have revealed numerous and recurring security weaknesses and noncompliance with security policies; (4) SCRG needs to find alternative methods for reviewing security compliance, since its limited resources allow it to do only 27 security compliance reviews per year; (5) Justice officials expect that the results of the limited SCRG reviews will deter other Justice units from committing common security violations; (6) FBI officials have been reluctant to allow SCRG to do reviews of FBI offices, since they believe that it duplicates its own inspections; (7) FBI has not followed its internal guidance on disciplinary actions for security violations or reported the violations to the proper FBI office; and (8) the Justice and FBI interoffice mail systems do not adequately track the handling of classified and sensitive documents due to incomplete records and poor filing systems.Recommendations
Our recommendations from this work are listed below with a Contact for more information. Status will change from "In process" to "Open," "Closed - implemented," or "Closed - not implemented" based on our follow up work.Director: Team: Phone: