Вы находитесь на странице: 1из 1

Lexmark Response to Department of Defense Investor General Audit

August 2, 2019

We are disappointed by and strongly disagree with the representation of Lexmark in the DoD
Inspector General Audit. Lexmark is an independent U.S.-based company and has been a proud
supplier to the U.S. federal government for more than 25 years.

The statement associating our company with Chinese state interests is unfounded. The IG
references the April 2018 US-China Economic and Security Review Commission Report as
support for this statement but no such link is discussed or even suggested in that
report. Furthermore, Lexmark was not listed as a banned or restricted commercial off-the-shelf
(COTS) manufacturer in the DoD Inspector General Audit.

Lexmark owners are financial investors only and have no access to the Lexmark network, no
access to source code of any kind, and no access to any U.S. customer information. In fact,
Lexmark is audited annually by a U.S. government-approved third party Security Monitor to
ensure adherence to the controls we have in place to prevent security or supply chain
vulnerabilities. We have successfully passed each audit and welcome the comparison of our
security procedures and processes to any peer IT company.

Lexmark addresses reported security vulnerabilities with high urgency. Each Lexmark hardware
issue referenced in the Inspector General's report was fixed in a timely manner, and many were
proactively reported by Lexmark to protect our customers. Lexmark is committed to
responsible disclosure and considers it a key part of our Secure Software Development
Lifecycle.

Lexmark supports the inspector general's recommendation of additional evaluation and


processes to ensure the security of COTS purchases. Given our security processes and controls,
we are confident Lexmark will continue to be a valued supplier to the U.S. federal government.

--Brad Clay, Lexmark Senior Vice President, Chief Information and Compliance Officer