The Department of Defense’s deployment of biometric and forensic capabilities is hindered by a lack of strategic plans for implementation and miscommunication across the armed forces on how to develop key tools needed to gather evidence and data on combatants, according to a Government Accountability Office (GAO) report released Monday.

The GAO conducted a performance audit on the DoD’s use of biometric and forensic tools between June 2016 and August 2017. The report found the department is missing a forensic capabilities strategy plan and had yet to choose a specific office to develop a plan needed to address acquisition management challenges.pentagon_defensewatch

DoD officials also reported that the Army failed to follow through on the department’s acquisition protocols for developing biometric capabilities, leading to possible higher spending on less viable capabilities.

In its report, the GAO recommends the DoD update its biometric enterprise strategic plan, fix the management and oversight of the biometric acquisition process, establish a more geographically dispersed back-up capability for its biometric data and address the lack of a forensic capability strategic plan.

“During continued military operations in Iraq and Afghanistan, U.S. forces have faced an adversary that is often indistinguishable from innocent civilians in the general population. The Department of Defense (DOD) has relied on biometric and forensic capabilities to identify, target, and disrupt enemy combatants and terrorists in these countries and worldwide,” the GAO writes.

The DoD has utilized biometric and forensic tools in the capturing or killing of 1,700 enemy combatants since 2008 and have successfully denied 92,000 adversaries access to military bases, according the report.

Biometric capabilities are used to identify individuals based on accumulated anatomical, physiological and behavioral data, including fingerprints, eye scans and voice recognition. Forensic capabilities analyze DNA and latent fingerprint evidence to determine the locations of possible adversaries in relation to past events or previously identified suspects.

Much of the report’s focus is on addressing the vulnerabilities presented by a lack of geographical dispersement for back-up data sites of the the DoD Automated Biometric Information System (DoD ABIS), the department’s system for storing biometric data on non-U.S. citizens.

“According to officials from across the biometric enterprise, U.S. forces rely on DOD ABIS to store and match biometric and latent fingerprint information. Without a geographically dispersed back-up, there is increased risk that if DOD ABIS were unavailable for unexpected and extended periods, U.S. forces would be unable to receive timely match/no-match information to identify enemy combatants and terrorists,” the report says. “DOD ABIS has a partial back-up system that is located less than 20 miles away from its primary site in West Virginia, thereby making it vulnerable to many of the same natural and man-made disasters to which the primary site is vulnerable. According to the National Institute of Standards and Technology, mission-critical information systems, such as DOD ABIS, should have a back-up capability located in a geographic area that is unlikely to be affected by the same hazards as the primary site.”

The DoD must also meet challenges in hiring the and retaining the personnel needed to maintain the DoD ABIS in order to avoid further operational risks.

The DoD ABIS is also used with the Navy’s Identification and Screening Information System, the Special Operation Forces Exploitation, and the Army’s Near Real Time Identity Operations to transmit sensitive biometric data to from the various networks.

Leidos [LDOS) in late June won a potential five-year $133 million contract to provide support to the DoD ABIS version 1.2 and to develop a service life extension to version 1.3. Northrop Grumman [NOC] was incumbent on the DoD ABIS contract.