The State Department is not screening its mail at overseas posts, causing security threats, according to a new report released Monday.
The agency's inspector general released an audit detailing security shortcomings at diplomatic posts around the world, including a lack of emergency preparedness and failures to prevent unauthorized personnel from entering compounds.
Although the inspector general could not reveal significant security vulnerabilities in detail because of their classified nature, the watchdog said the State Department is failing to take fundamental steps to ensure security.
"OIG determined that, despite recent improvements, the Department’s management and oversight of security personnel is still lacking at posts overseas," the inspector general said. "Local guard forces failed to perform contractually required duties, such as conducting access control, delivery, and mail screening."
"If not addressed, these performance deficiencies could allow unauthorized personnel to access the compound or visitors to bring prohibited items into the compound," they said.
The inspector general said security failings, such as top officials not knowing if the military is available in the event of an attack, are a matter of "life and death."
"Failure to investigate and properly and promptly report suspicious or unusual occurrences can delay the reaction time of post officials in an emergency," the audit said. "When crises arise, planning and preparation can make the difference between life and death."
The inspector general said it identified "several issues" this year with the State Department's emergency planning and preparedness, including chiefs of mission being "unaware of the U.S. military assets available during emergency situations."
"Without this information, embassies and consulates cannot properly plan for emergencies and may be hindered in their responses to actual crises," the inspector general said.
Cyber security and records management were also listed as vulnerabilities. The State Department has spent $7.65 billion on information technology since 2012, though security and management in that area "continues to be a significant management challenge."
Instances of waste, fraud, and abuse were also cited, including $2.3 million worth of diesel stolen from the U.S. Embassy in Tbilisi, and government credit card abuse totaling $34 million.