Navy Commercial Access Control System Did Not Effectively Mitigate Access Control Risks
Abstract
Objective: We determined whether the Navy Commercial Access Control System (NCACS) was mitigating access control risks for Navy installations. Findings: NCACS did not effectively mitigate access control risks associated with contractor installation access. This occurred because Commander, Navy Installations Command (CNIC) officials attempted to reduce access control costs. As a result, 52 convicted felons received routine, unauthorized installation access, placing military personnel, dependents, civilians, and installations at an increased security risk. Additionally, the CNIC N3 Antiterrorism office (N3AT) misrepresented NCACS costs. This occurred because CNIC N3AT did not perform a comprehensive business case analysis and issued policy that prevented transparent cost accounting of NCACS. As a result, the Navy cannot account for actual NCACS costs, and DoD Components located on Navy installations may be inadvertently absorbing NCACS costs. Furthermore, CNIC N3AT officials and the Naval District Washington Chief Information Officer circumvented competitive contracting requirements to implement NCACS. This occurred because CNIC N3AT did not have contracting authority. As a result, CNIC N3AT spent over $1.1 million in disallowable costs and lacked oversight of, and diminished legal recourse against, the NCACS service provider.
Document Details
- Document Type
- Technical Report
- Publication Date
- Sep 16, 2013
- Accession Number
- ADA590931
Entities
Organizations
- Office of the Inspector General, U.S. Department of Defense