US flag signifying that this is a United States Federal Government website Official website of the Department of Homeland Security

Consistent with CDC guidance, most Office of Inspector General employees are currently serving the American people remotely.  We are determined to keep interruptions to our operations to a minimum, and we appreciate your patience during this time.

Information and guidance about COVID-19 is available at

Evaluation of DHS' Information Security Program for Fiscal Year 2016

Executive Summary

Despite the progress made, Components were not consistently following DHS’ policies and procedures to maintain current or complete information on remediating security weaknesses timely. Components operated 79 unclassified systems with expired authorities to operate.  Further, Components had not consolidated all internet traffic behind the Department’s trusted internet connections and continued to use unsupported operating systems that may expose DHS data to unnecessary risks.  Our review identified deficiencies related to configuration management and continuous monitoring. We made four recommendations to the Chief Information Security Officer.  The Department concurred with all four recommendations.

Report Number
Issue Date
Document File
DHS Agency
Oversight Area
Fiscal Year