This report concerns the Ministry of Defence’s protection of information on weapons.
The purpose of the study is to assess whether the Ministry of Defence has ensured adequate protection of employees’ access to information on weapons in the ministry’s IT systems.
Rigsrevisionen finds that the Ministry of Defence’s protection of employees’ access to information on weapons is highly unsatisfactory. The ministry has granted many employees access to information on weapons in its IT systems without assessing whether they have a work-related need for it. Nor does the ministry sufficiently monitor who accesses the information. As a result, the Ministry of Defence does not comply with several of the requirements set out in the international standard for information security and in the ministry’s own security regulations. The consequence is an increased risk that employees may, intentionally or unintentionally, disclose information about the Danish Defence’s weapons, which could be used for espionage, sabotage or other criminal activities.
Rigsrevisionen initiated the study in August 2024.
Read the introduction and conclusion (PDF)