Military Personnel: Additional Actions Are Needed to Strengthen DOD's and the Coast Guard's Sexual Assault Prevention and Response Programs
Highlights
Sexual assault is a crime with negative implications to military readiness and esprit de corps. In response to a congressional request, GAO, in 2008, reviewed Department of Defense (DOD) and U.S. Coast Guard sexual assault prevention and response programs and recommended a number of improvements. GAO was subsequently asked to evaluate the extent to which (1) DOD has addressed GAO's 2008 recommendations and further developed its programs, (2) DOD has established a sexual assault database, and (3) the Coast Guard has addressed GAO's 2008 recommendations and further developed its programs. To do so, GAO analyzed legislative requirements and program guidance, interviewed officials, and compared database implementation efforts to key information technology best practices.
DOD has addressed four of GAO's nine recommendations from 2008 regarding the oversight and implementation of its sexual assault prevention and response programs. For example, the Office of the Secretary of Defense (OSD) evaluated department program guidance for joint and deployed environments, and it evaluated factors that may hinder access to health care following a sexual assault. But DOD's efforts to address the other recommendations reflect less progress. For example, GAO recommended that DOD develop an oversight framework, to include long-term goals and milestones, performance goals and strategies, and criteria for measuring progress. However, GAO found that the draft framework lacks key elements needed for comprehensive oversight of DOD's programs, such as criteria for measuring progress and an indication of how it will use the information derived from such measurement to improve its programs. Until OSD incorporates all key elements into its draft oversight framework, it will remain limited in its ability to effectively manage program development to help prevent and respond to sexual assault incidents. DOD acknowledges that more work remains in order to fully develop its oversight framework. DOD has taken steps to begin acquiring a centralized sexual assault database. However, it did not meet a legislative requirement to establish the database by January 2010, and it is unclear when the database will be established because DOD does not yet have a reliable schedule to guide its efforts. Also, key system acquisition best practices associated with successfully acquiring and deploying information technology systems, such as economically justifying the proposed system solution and effectively developing and managing requirements, have largely not been performed. OSD officials said they intend to employ these acquisition best practices. Until this is accomplished the program will be at increased risk of not delivering promised mission capabilities and benefits on time and within budget. While the Coast Guard has partially implemented one of GAO's two recommendations for further developing its sexual assault prevention and response program, it has not implemented the other. In June 2009, the Coast Guard began assessing its program staff's workload, which represents progress in addressing GAO's recommendation to evaluate its processes for staffing key installation-level positions in its program. However, it has not addressed GAO's recommendation to develop an oversight framework. Further, the Coast Guard lacks a systematic process for assembling, documenting, and maintaining sexual assault incident data, and lacks quality control procedures to ensure that the program data being collected are reliable. In fiscal year 2008, for example, different Coast Guard offices documented conflicting numbers of sexual assault reports: the Coast Guard Program Office documented 30, while the Investigative Office documented 78. The Coast Guard had to resolve this significant discrepancy before it could provide its data to DOD. Without a systematic process for tracking its data, the Coast Guard lacks reliable knowledge on the occurrence of sexual assaults.
Recommendations
Recommendations for Executive Action
Agency Affected | Recommendation | Status |
---|---|---|
Department of Defense | To improve the management, strategic planning, and comprehensiveness of OSD's oversight of the department's sexual assault prevention and response programs, the Secretary of Defense should direct the Under Secretary of Defense for Personnel and Readiness to strengthen OSD oversight framework by identifying how the results of performance assessments will be used to guide the development of future program initiatives. |
DOD concurred with this recommendation, and in its comments on our report, noted that it had several efforts underway or planned to address these issues. For example, DOD stated that in the early part of 2010, it will have a plan in place that details how it will track its progress toward the performance objectives laid out in the DOD-wide strategic plan, and it will develop a procedure to report back on progress toward objectives and any needed corrective steps. Further, DOD noted that the process it plans to use to track its progress toward performance objectives will also allow the department to synchronize the objectives, timelines, and strategies of its two strategic plans. In March 2011, DOD provided a sample tracker entry that summarizes the status of various actions in its strategic plan, the planned completion date, and the GAO recommendation to which they correspond. Additionally, in its fiscal year 2011 report on sexual assault in the military, DOD reported that it was using recommendations from DOD's Working Group on Victim Assistance to modify its plan for oversight of sexual assault prevention and response training in 2012. By developing and implementing this tracking mechanism and using recommendations from the working group's assessment to modify future oversight efforts, DOD has implemented the recommendation.
|
Department of Defense | To improve the management, strategic planning, and comprehensiveness of OSD's oversight of the department's sexual assault prevention and response programs, the Secretary of Defense should direct the Under Secretary of Defense for Personnel and Readiness to strengthen OSD oversight framework by identifying how OSD's program resources correlate to its achievement of strategic program objectives. |
DOD concurred with this recommendation, and in its comments on our report, it noted that starting with the 2012 budget cycle, OSD plans to align its budget categories with specific performance objectives laid out in its strategic plan. In March 2011, DOD provided a table that shows how much they budgeted for different priorities in the DOD-wide strategic plan. By identifying how funding relates to program objectives, DOD has implemented the recommendation.
|
Department of Defense | To improve the management, strategic planning, and comprehensiveness of OSD's oversight of the department's sexual assault prevention and response programs, the Secretary of Defense should direct the Under Secretary of Defense for Personnel and Readiness to strengthen OSD oversight framework by correlating its oversight framework to the program's two strategic plans so that program objectives, timelines, and strategies for achieving objectives are synchronized. |
DOD concurred with this recommendation, and in its comments on our report, it noted that that the process it plans to use to track its progress toward performance objectives will also allow the department to synchronize the objectives, timelines, and strategies of its two strategic plans. In March 2011, DOD provided a sample tracker entry that summarizes the status of various actions in its strategic plan for sexual assault prevention and response, the planned completion date, to which GAO recommendation it corresponds, etc. By synchronizing the various elements of these two strategic plans, DOD has implemented the recommendation.
|
Department of Defense | To enhance visibility over the incidence of sexual assaults involving DOD servicemembers, the department's sexual assault prevention and response programs, and the pending implementation of the Defense Sexual Assault Incident Database, the Secretary of Defense should direct the Under Secretary of Defense for Personnel and Readiness to standardize the type, amount, and format of the data in the military services' annual report submissions. |
DOD concurred with this recommendation, and in comments on our report,DOD acknowledged that achieving uniformity among the military services for all required data elements will greatly enhance its oversight capabilities. DOD added that it recently established definitions for case disposition data and developed a standardized program report template, and that both are being used by the military services to compile their respective data for the department's fiscal year 2009 report on sexual assault in the military services. DOD added that the comprehensive process of linking all of its data elements will ultimately be accomplished through its development of the Defense Sexual Assault Incident Database. Our report credits DOD with taking initial steps toward developing standardized data elements and definitions, and acknowledges the data template it developed and is using to collect a more standardized set of data from the military services for the department's fiscal year 2009 annual report to Congress. However, as we noted in our report, OSD officials stated that full standardization of data elements and definitions will not be achieved until it implements the Defense Sexual Assault Incident Database for which DOD does not currently have a reliable implementation schedule. In January 2012, we met with Sexual Assault Prevention and Response Office (SAPRO) officials who provided templates that it gave to the military services to request data for fiscal year 2011 and 2012. We reviewed those templates and found that SAPRO defines each data term to help ensure that the services are using common terminology when compiling their data. We agree that this template constitutes a standardization of the type, amount, and format of the data in the military services' annual report submissions. Therefore, we consider this recommendation to be implemented.
|
Department of Defense | To enhance the oversight of the sexual assault prevention and response program in DOD, the Secretary of Defense should direct the Under Secretary of Defense for Personnel and Readiness to ensure that the development and implementation of the Defense Sexual Assault Incident Database includes adherence to developing a reliable integrated master schedule that addresses the nine key practices discussed in this report. |
DOD concurred with this recommendation and in comments on our report it noted DOD stated that it will give priority to developing a reliable integrated master schedule, and will follow GAO schedule estimating guidance. However, it added that while the department has thus far developed schedules that it characterized as capturing broader scope key activities, it would not be able to capture key schedule activities or estimate a timeframe for identifying key activities that are fundamental to developing a reliable schedule until it acquired the assistance of the system development contractor. DOD noted that this is because only the contractor will know the steps and time required to adopt proprietary materials to DOD's requirements for the database. Since the release of the report, DOD awarded a contract for the database's development however, the contract is currently under bid protest and therefore work to develop and implement the system has not progressed. In February 2011, OSD's Sexual Assault Prevention and Response Office (SAPRO) provided Congress with a status report on its database development and implementation efforts. In that report, SAPRO noted that it had developed an integrated master schedule for the development, implementation, and maintenance of its database, and that its efforts were in line with the recommendations in our report. In January 2012, we met with SAPRO officials who produced evidence of follow-up and task completion related to the integrated master schedule. Specifically, DOD provided screen shots of the Integrated Master Schedule for its database that indicate satisfaction of key practices 1 through 7 that are discussed in the report. Additionally, the department provided very brief, summary information related to practices 8 (i.e., conducting a schedule risk analysis) and 9 (i.e., updating the schedule using logic and durations to determine the dates for all key activities). At the end of September 2012, DOD told us that the system is operational and they anticipate it will be certified as fully operational in February 2013. In April 2013, SAPRO officials notified us of their decision to postpone certification of the database as fully operational until independent testing and deployment of the report module is complete. SAPRO officials told us that they expect this phase to be complete in August 2013. As of August 2016, DOD has not implemented this recommendation and it will be closed.
|
Department of Defense | To enhance the oversight of the sexual assault prevention and response program in DOD, the Secretary of Defense should direct the Under Secretary of Defense for Personnel and Readiness to ensure that the development and implementation of the Defense Sexual Assault Incident Database includes adherence to adequately assessing the program's overlap with and duplication of related programs through architecture compliance. |
DOD concurred with this recommendation and in comments on our report, DOD acknowledged the benefits derived from assessing the program's overlap with and duplication of related programs. It added, however, that our report inaccurately asserts that DOD has not complied with DOD guidance governing architecture compliance by stating that a complete set of system-level architecture products are not yet available to perform a thorough architecture compliance assessment. In this regard, it stated that DOD guidance does not call for the development of system-level architecture products until the Technology Development Phase in the Defense Acquisition System. In January 2012, we met with SAPRO officials who provided a copy of the Defense Sexual Assault Incident Database (DSAID) Information Support Plan, which summarized a suite of architecture products that were developed to comply with acquisition milestones and continuous process improvement efforts. However, SAPRO provided only limited information about its development of architectural products in support of meeting Milestones B and C. At the end of September 2012, DOD told us that the system is operational and they anticipate it will be certified as fully operational in February 2013. In April 2013, SAPRO officials notified us of their decision to postpone certification of the database as fully operational until independent testing and deployment of the report module is complete. SAPRO officials told us that they expect this phase to be complete in August 2013. As of August 2016, DOD has not implemented this recommendation and it will be closed.
|
Department of Defense | To enhance the oversight of the sexual assault prevention and response program in DOD, the Secretary of Defense should direct the Under Secretary of Defense for Personnel and Readiness to ensure that the development and implementation of the Defense Sexual Assault Incident Database includes adherence to adequately justifying investment in the proposed approach on the basis of reliable estimates of life cycle costs and benefits. |
DOD concurred with this recommendation, and in its comments on our report, DOD agreed that the cost estimate in the existing business case does not account for all life cycle costs and risks. However, it added that DOD guidance does not require comprehensive cost estimates in the business case and that the cost estimate in the business case was derived using cost estimating best practices. In February 2011, OSD's Sexual Assault Prevention and Response Office (SAPRO) provided Congress with a status report on its database development and implementation efforts. In that report, SAPRO noted that DOD had submitted and received approval on an economic justification as required by Milestone A, and a Certification of Funds package. SAPRO further noted that cost estimation best practices were used to produce the cost estimate included in the approved Business Case, and that an updated economic justification will be used when documentation for Milestones B and C are submitted for approval. Finally, SAPRO noted that its economic justification package included a DOD Information Technology Portfolio Registry Dashboard, economic viability review, and Federal Information Security Management Act Privacy Impact Assessment checklist, and that its efforts were in line with the recommendations in our report. In January 2012, we met with SAPRO officials who provided the business case for the Defense Sexual Assault Incident Database (DSAID), which included limited, estimated program cost information. However, the business case did not include estimated project and program management costs or sustainment and life cycle costs, such as testing or operations and maintenance costs. Further, although the department provided program budget figures, it did not provide information describing the underlying basis (i.e., estimated costs) on which the budget was based. At the end of September 2012, DOD told us that the system is operational and they anticipate it will be certified as fully operational in February 2013. In April 2013, SAPRO officials notified us of their decision to postpone certification of the database as fully operational until independent testing and deployment of the report module is complete. SAPRO officials told us that they expect this phase to be complete in August 2013. As of August 2016, DOD has not implemented this recommendation and it will be closed.
|
Department of Defense | To enhance the oversight of the sexual assault prevention and response program in DOD, the Secretary of Defense should direct the Under Secretary of Defense for Personnel and Readiness to ensure that the development and implementation of the Defense Sexual Assault Incident Database includes adherence to effectively developing and managing system requirements. |
DOD concurred with our recommendation to effectively develop and manage system requirements, and in comments on our report, DOD noted that it has continued to work with the military services in developing system requirements and that its progress in doing so is much greater than our report states. It also noted that since the database was legislated, Congress expanded its annual sexual assault reporting requirements, which in turn necessitated additional requirements development work with stakeholders. Further, it stated that it will institute a Change Control Board, which is a key requirements management control mechanism, and is using a range of system life cycle management tools that support requirements development and management.In February 2011, OSD's Sexual Assault Prevention and Response Office (SAPRO) provided Congress with a status report on its database development and implementation efforts. In that report, SAPRO noted that it had completed development of the requirements baseline for its database, which covers victim case management, incident information, subject demographics, subject disposition, and sexual assault prevention and response program administration data. SAPRO also noted that it had initiated the Change Control Board for the database. Finally, SAPRO noted that it continues to conduct interface mapping activities in collaboration with the military services, and that its efforts were in line with the recommendations in our report. In January 2012, we met with SAPRO officials who provided information about its configuration control board that has responsibility for reviewing and approving changes to requirements. However, the department has not provided evidence that the full range of requirements management activities, including continuous elicitation, establishment of a baseline requirements set, and ensuring traceability of requirements, are being performed. At the end of September 2012, DOD told us that the system is operational and they anticipate it will be certified as fully operational in February 2013. In April 2013, SAPRO officials notified us of their decision to postpone certification of the database as fully operational until independent testing and deployment of the report module is complete. SAPRO officials told us that they expect this phase to be complete in August 2013. As of August 2016, DOD has not implemented this recommendation and it will be closed.
|
Department of Defense | To enhance the oversight of the sexual assault prevention and response program in DOD, the Secretary of Defense should direct the Under Secretary of Defense for Personnel and Readiness to ensure that the development and implementation of the Defense Sexual Assault Incident Database includes adherence to adequately testing system capabilities. |
DOD concurred with our recommendation to adequately test system capabilities, and in comments on our report, DOD noted that our report does not sufficiently describe its efforts to develop a detailed test plan defining the program's testing approach and strategy, including the entrance and exit criteria for each testing phase. We agreed that our report does not cite the development of this plan because no such plan was provided to us as part of the documentation set submitted for the database's milestone acquisition approval, nor were we made aware of the existence of such a plan. Moreover, program officials told us that a test plan would be developed after the contractor was hired, and DOD's comments on our draft report acknowledged that a final test plan has yet to be created. In February 2011, OSD's Sexual Assault Prevention and Response Office (SAPRO) provided Congress with a status report on its database development and implementation efforts. In that report, SAPRO noted that DOD received Milestone A approval on the database test plan, which identified how the incremental functional requirements are to be tested, prior to and post release, defined the testing approach and strategy, and outlined additional testing cycles. SAPRO further noted that for Milestones B and C submissions, it will refine and execute its test management plan, and that its efforts were in line with the recommendations in our report. In January 2012, we met with SAPRO officials who stated that the department's intention is to develop an integrated test plan. At the end of September 2012, DOD told us that the system is operational and they anticipate it will be certified as fully operational in February 2013. In April 2013, SAPRO officials notified us of their decision to postpone certification of the database as fully operational until independent testing and deployment of the report module is complete. SAPRO officials told us that they expect this phase to be complete in August 2013. As of August 2016, DOD has not implemented this recommendation and it will be closed.
|
Department of Defense | To enhance the oversight of the sexual assault prevention and response program in DOD, the Secretary of Defense should direct the Under Secretary of Defense for Personnel and Readiness to ensure that the development and implementation of the Defense Sexual Assault Incident Database includes adherence to effectively managing program risks. |
DOD concurred with our recommendation to effectively manage program risks, and in comments on our report, DOD noted that our statement that risk management has yet to begin is incorrect because key risks have been identified. We agreed that risk identification, which is the first step in risk management, had begun, and also agree that the statement in our draft report that risk management has yet to begin is not consistent with its recognition of these risk identification efforts. As a result, we modified the report to note that many aspects of risk management have yet to begin, which DOD also states in its comments on our draft report. In February 2011, OSD's Sexual Assault Prevention and Response Office (SAPRO) provided Congress with a status report on its database development and implementation efforts. In that report, SAPRO noted that it received Milestone A approval through identification of database risks in its Risk Communications Strategy. SAPRO further noted that it is applying the approach recommended in the Risk Management Guide for DOD Acquisition, to develop and execute its Risk Management Plan and ensure sustained quality product delivery. According to SAPRO, the Risk Management Plan will be included in Milestones B and C submissions and will include processes for risk identification, analysis and mitigation, responsibility for managing risks to key stakeholders, overall encouragement of program wide risk management, and an examination of the status of identified risks during milestone reviews. In January 2012, we met with officials from SAPRO who provided the Risk Communications Strategy for DSAID as evidence that it has begun to identify and manage some program risks. Further, officials indicated that risk management will continue. At the end of September 2012, DOD told us that the system is operational and they anticipate it will be certified as fully operational in February 2013. In April 2013, SAPRO officials notified us of their decision to postpone certification of the database as fully operational until independent testing and deployment of the report module is complete. SAPRO officials told us that they expect this phase to be complete in August 2013. As of August 2016, DOD has not implemented this recommendation and it will be closed.
|
United States Coast Guard | To improve the oversight and accountability of the Coast Guard's sexual assault prevention and response program, the Commandant of the Coast Guard should establish a systematic process for collecting, documenting, and maintaining sexual assault incidence data. |
Coast Guard concurred with our recommendation to establish a systematic process for collecting, documenting, and maintaining sexual assault incidence data, and in its comments on our report, the Coast Guard noted that it had several initiatives underway to continue developing its sexual assault prevention and response program. For example, the Coast Guard stated that an electronic database to track sexual assault reports is in the prototype development phase, and based on current progress, it expects to complete the database in 2010. In April 2012, the Coast Guard updated us on the status of its efforts to establish a systematic process for collecting, documenting, and maintaining sexual assault incidence data. Specifically, the Coast Guard told us that it expects its Work-Life Information Management System (WIMS), on on-line tracking and reporting system, to be operational by the end of 2012 and that it plans to include this tracking system as part of its Integrated Health Information System (IHIS). Further, the Coast Guard told us that it released its new SAPR program policy, which requires the use of WIMS/IHIS for reporting purposes once it is operational, but in the meantime will continue to use its hardcopy process for collecting and reporting data. In May 2013, the Coast Guard told us that previous plans to implement the Work-Life Information Management System (WIMS) have been abandoned due to concerns about system functionality, data security, and design shortfalls. The Coast Guard added that a new online database for electronic sexual assault reporting that it says will address these concerns, the Work-Life Information Record-Keeping System (WIRKS), has been designed as part of an overall Coast Guard Integrated Health Information System. WIRKS development is nearing completion and this system should be launched later this year. In addition to its work on a database, Coast Guard officials told us that per the SAPR policy released in April 2012, all SAPR personnel use the same data collection format (aligned with the Department of Defense (DoD)) to report sexual assaults to the SAPR Program Manager at Headquarters. Enclosure (7) to reference (a) is used for Unrestricted Reports, and Enclosure (8) is used for Restricted Reports. Officials added that in the interim, the reports discussed above are being submitted electronically to the SAPR Program Manager, and data trend analysis is now being conducted by our Work-Life, Legal, and Coast Guard Investigative Services (CGIS) staffs. In September 2014, Coast Guard officials told us that they had decided to use DOD's Sexual Assault Incident Database (DSAID) rather than the planned Work-Life Information Management System. They noted that the decision to implement DSAID is to align with DoD and by using the database that all of the other armed services have been using. Officials also noted that joint system usage will streamline data collection, analysis and reporting. Coast Guard officials anticipate that DSAID will be operational in early 2015.
|
United States Coast Guard | To improve the oversight and accountability of the Coast Guard's sexual assault prevention and response program, the Commandant of the Coast Guard should establish quality control processes to ensure that program information collected is valid and reliable. |
Coast Guard concurred with this recommendation, and in comments on our report, the Coast Guard noted that it has several initiatives underway to continue developing its sexual assault prevention and response program. For example, the Coast Guard stated that an electronic database to track sexual assault reports, which would help curb quality control issues, is in the prototype development phase, and based on current progress, it expects to complete the database in 2010. In April 2012, the Coast Guard updated the status of their efforts to implement this recommendation. Specifically, the Coast Guard told us that it is establishing protocols for field data entry, which it expects will be finalized by the end of 2012. Further, the Coast Guard told us that the protocols for entry of sexual assault prevention and response program data stipulates data requirements, and the revised program policy addresses reporting procedures, data elements, and quality assurance requirements for the Coast Guard's sexual assault prevention and response program. In May 2013, the Coast Guard told us that all SAPR personnel use the same data collection format to report sexual assaults to the SAPR Program Manager at Coast Guard Headquarters, and provided enclosures to demonstrate that a standardized format has been established for collecting data on both restricted and unrestricted sexual assault reports. Coast Guard officials added that the development of the online database for electronic sexual assault reporting, the Work-Life Information Record-Keeping System (WIRKS), is nearing completion and should be launched later this year. In September 2014, Coast Guard officials told us that they had decided to use DOD's Sexual Assault Incident Database (DSAID) rather than the planned Work-Life Information Management System. They noted that the decision to implement DSAID is to align with DoD and by using the database that all of the other armed services have been using. Officials also noted that joint system usage will streamline data collection, analysis and reporting. Coast Guard officials anticipate that DSAID will be operational in early 2015.
|
United States Coast Guard | To improve execution of sexual assault prevention and response programs, the Commandant of the Coast Guard should establish and administer a curriculum for all key program personnel to ensure that they can provide proper advice to Coast Guard personnel. |
The Coast Guard concurred with this recommendation, and in comments on our report, the Coast Guard noted that it has completed an assessment of workload requirements and resource allocations for its Sexual Assault Response Coordinators, and upon release of the final report, the Coast Guard plans to review and analyze the recommendations and, as appropriate, incorporate additional resource requirements into its annual budget process. In April 2012, the Coast Guard updated the status of its efforts to implement this recommendation. Specifically, the Coast Guard told us that annual sexual assault prevention and response training is required for all Coast Guard personnel, and that a standardized curriculum has been developed and is being facilitated throughout the Coast Guard. Further, primary and secondary Sexual Assault Response Coordinators have been trained in their duties with Coast Guard-specific training events, and nearly 450 Victim Advocates have been trained over the past few years with Coast Guard-specific Victim Advocate training. We will update this next when we receive and review the curriculum. In May 2013, Coast Guard officials told us that all Coast Guard SAPR personnel (e.g., Sexual Assault Response Coordinators (SARC)) must be trained by the SAPR Program Manager, and that appropriate curriculum changes are made as the program improves each year. Officials added that SAPR Mandated Training (MT) is required annually for all personnel, and is facilitated by a SARC. The Coast Guard noted that it also offers the training online for members who are unable to physically attend this training. Officials further stated that all Victim Advocates (VA) are trained with a specific Coast Guard VA Training, which is provided by a SARC that has completed both SARC and VA training and has previously co-facilitated a VA training with either the SAPR Program Manager, or another certified trainer. Finally, the Coast Guard noted that a bystander intervention strategy, the Sexual Assault Prevention Workshop (SAPW), has been developed and is being implemented Coast Guard-wide. According to officials, this four-hour discussion-based training is facilitated by a SARC, a Staff Judge Advocate, and a Coast Guard Investigative Service (CGIS) agent. It includes actual scenarios, video clips, interactive exercises, and a gender-separated segment with same-gender facilitators.As support for the steps they report to have taken, Coast Guard officials provided us with the PowerPoint presentation that is used to conduct the annual sexual assault training that is mandatory for all personnel, the curriculum that is used to train victim advocates, and the facilitator's guide that is used to conduct sexual assault training.
|