"[The NASA system that we reviewed for this audit] is a core system used to process, store, and distribute vital Agency intellectual property, such as [. . .], and crucial program and project information. [The reviewed system] is categorized as a "high-impact system" under Federal Information Processing Standards (FIPS) Publication 199, "Standards for Security Categorization of Federal Information and Information Systems," February 2004. As such, a compromise of security controls1 for a high-impact system could result in severe adverse impact, leading to degradation in or loss of NASA's mission capability, harm to individuals, or life-threatening injuries. In October 20[XX], NASA awarded a 4-year contract to [a contractor] for, among other things, operation of [the reviewed system]."
Keith's note: I can certainly understand redacting information that would compromise national security. But this report is often incomprehensible due to the huge number of redactions. Simply redacting the entire report would have made more sense. Plus, if there really was a concern about keeping the contractor/system from being identified, why give hints as to when the contract being discussed was awarded? If I really wanted to take the time I could go back and look at NASA press releases from the month of October between 2000 and 2009 and search back through one of more easily accessible websites for NASA contract awards as well.