Targeted Review of the Bureau of Diplomatic Technology’s Cloud Services Program Management

View Report

Date Issued

Tuesday, June 11, 2024

Submitting OIG

Department of State OIG

Other Participating OIGs

Department of State OIG

Agencies Reviewed/Investigated

Department of State

Components

Bureau of Information Resource Management

Report Number

ISP-I-24-21

Report Type

Inspection / Evaluation

Agency Wide

Yes

Number of Recommendations

Questioned Costs

Funds for Better Use

Open Recommendations

This report has 11 open recommendations.

Recommendation Number	Significant Recommendation	Recommended Questioned Costs	Recommended Funds for Better Use
1	No	$0	$0
The Bureau of Diplomatic Technology should update the Foreign Affairs Manual and Foreign Affairs Handbook to define its organizational structure and assign the associated cloud-related responsibilities to the responsible offices in its organizational structure.
2	No	$0	$0
The Bureau of Diplomatic Technology should update its cloud computing policies in accordance with Department standards.
3	No	$0	$0
The Bureau of Diplomatic Technology should update its cloud service procurement policies and guidelines and communicate the changes to the Department.
4	No	$0	$0
The Bureau of Diplomatic Technology should review Department configuration management policies for inconsistencies and update them to align with federal cloud policies.
5	No	$0	$0
The Bureau of Diplomatic Technology, in coordination with the Bureau of Diplomatic Security, should follow Department standards for cloud security guidelines.
6	No	$0	$0
The Bureau of Diplomatic Technology should comply with Department encryption key management requirements for enterprise cloud systems.
7	No	$0	$0
The Bureau of Diplomatic Technology should implement a communication plan for its domestic and overseas customers to include details on cloud responsibilities and available cloud products and services.
8	No	$0	$0
The Bureau of Diplomatic Technology should implement a formal process for gathering regular customer feedback on its cloud products and services.
9	No	$0	$0
The Bureau of Diplomatic Technology, in coordination with the Bureau of Administration, should bring its enterprise-level cloud services contract and contracting officer's representative files into compliance with Department and federal requirements.
10	No	$0	$0
The Bureau of Diplomatic Technology should bring the enterprise-level cloud services contracting officer's representative program into compliance with Department standards.
11	No	$0	$0
The Bureau of Diplomatic Technology, in coordination with the Bureau of Administration, should develop and communicate guidance specifying what cloud services procurement requirements staff need to implement, which staff are responsible for implementing them, and how the requirements should be implemented.