Evaluation of Millennium Challenge Corporation's Implementation of Executive Order 13526, Classified National Security Information

We recommend that the Millennium Challenge Corporation's Director of Security (1) verify that the board meeting minutes from September 2011 to September 2013 are marked properly and provide the results of the verification to OIG,
(2) include instructions on how to correctly mark derivative classification documents in Millennium Challenge Corporation mandatory training courses, and (3) verify compliance with marking requirements in annual self-inspection reports.

Include instructions on how to correctly mark derivative classification documents in Millennium Challenge Corporation mandatory training courses,

(3). Verify compliance with marking requirements in annual self-inspection reports.

We recommend that the Millennium Challenge Corporation's Director of Security document that all original classification authorities have completed required training or obtained waivers.

We recommend that the Millennium Challenge Corporation's Director of Security establish formal guidance that requires documentation of completion of Executive Order 13526 training requirements for all employees, including original
classification authorities.

We recommend that the Millennium Challenge Corporation's Director of Security update the Procedures for MCC Private Sector Board Members and Plus Ones for Storing Confidential Information in GSA-approved safes or submit alternative measures to the Information Security Oversight Office, as required.