Issues with Access to Acquisition Data and Information in the Department of Defense: A Closer Look at the Origins and Implementation of Controlled Unclassified Information Labels and Security Policy

Abstract : Acquisition data play a critical role in the management of the U.S. Department of Defenses (DoDs) portfolio of weapon systems. Management and sharing of these data are subject to the interaction and interpretation of a large quantity of laws, regulations, and policies; Controlled Unclassified Information (CUI) labels; and DoD culture, among other influences. This complex environment for acquisition data leads to a host of inefficiencies for those who manage and utilize these data. The Office of the Secretary of Defense asked RAND to take a closer look at several key sources of inefficiency by evaluating how marking and labeling CUI procedures, practices, and security policies affect access and management of acquisition oversight data. This builds on our earlier work (Riposo et al., 2015, Issues with Access to Acquisition Data and Information in the Department of Defense: Policy and Practice) by examining in more detail issues with sharing proprietary information, using CUI labels, and implementing security policy in the Acquisition Information Repository and the Defense Acquisition Management Information Retrieval information systems. This report should be useful to government acquisition professionals, oversight organizations, and, especially, the analytic community.